[pmwiki-users] What am I doing wrong re edit password?

Patrick R. Michaud pmichaud at pobox.com
Sun Jan 21 10:39:17 CST 2007


On Sat, Jan 20, 2007 at 08:38:52PM -0800, jeb eddy wrote:
> Along with an admin password, which works fine, my local/config.php 
> file contains:
> 
> $DefaultPasswords['edit'] = crypt('noneOfYourBusiness');
> 
> I think this is supposed to create a site-wide password, right?
> 
> I want everyone to whom I send the unencrypted password to be able to 
> get in, and then have full access to both read and edit all pages.
> 
> But my phone rang just a few minutes after I sent out the email, and 
> my friend said he got the password prompt page, but could not get in.
> 
> 'Edit' includes 'read', does it not?  I have been assuming Yes.

No, 'edit' doesn't automatically include 'read'.  I know this
might seem counter-intuitive, but there are cases where we 
want someone to be able to add content to a page (e.g., through
an external recipe or automated process) but not be able to view
its existing contents.

> Or do I have to create different site-wide passwords for both read 
> and edit?  In which case, how does a user know which one to enter?

PmWiki allows arrays of passwords, thus you can do:

    $DefaultPasswords['edit'] = 
      crypt('noneOfYourBusiness');
    $DefaultPasswords['read'] = 
      array(
        crypt('readPassword'),
        crypt('noneOfYourBusiness')
      );

Someone who knows the "noneOfYourBusiness" password will have both
edit and read permissions, while someone who has "readPassword"
can only read.

> Also,  I have read some references to "locked" passwords.  What does 
> this mean?  Is it relevant to my efforts?

A "locked" password is simply any password specification
where the password isn't known (or an authorization group 
without any members).  PmWiki's standard for this is to use
'@lock'.  In such a situation, only someone with 'admin' privileges
can get around a locked password.

Pm




More information about the pmwiki-users mailing list