[pmwiki-users] How to determine if a page requires a valid user id or a shared password?
Lars Grau
mail at larsgrau.de
Mon Oct 25 06:00:58 CDT 2010
Dear all,
I've put together a first rough cookbook on the basis of Peter Bowers code suggestion.
It's definitely a "pre-alpha" and needs further enhancements.
I would really appreciate if you can comment on this, especially on the lines marked with "@@@".
Instead of pasting the code here, I made it available for downloading from the following location:
http://larsgrau.de/static/documents/getPagePermissions.phps
Thanks in advance,
L.-
On Oct 20, 2010, at 9:10 AM, Peter Bowers wrote:
> On Tue, Oct 19, 2010 at 8:13 PM, Lars Grau <mail at larsgrau.de> wrote:
>> How can I determine by ConditionalMarkup if the requested page action requires ...
>>
>> - a) admin rights (and hence render username AND password field) or
>> - b) a valid id (and hence render username AND password field) or
>> - c) a shared password (and hence render the password field ONLY)
>> - d) a shared password OR a valid id (and hence render username AND password field)
>>
>> ... according to the given action (browse/edit/upload/attr) ?
> ...
>> How do I fill the {$RequiredPagePermission} condition ???
>
> It's going to get more complicated before it gets solved... The
> problem is you have to deal with cascading authorization,
> authorizations from various sources (page, group, config.php), etc.
>
> I believe you can fill in {$RequiredPagePermission} using code similar
> to this in config.php (assuming we completely ignore any passwords
> from group and making a bunch of other assumptions):
>
> ===(snip - untested)===
> $FmtPV['$RequiredPagePermission'] =
> 'GetRequiredPagePermission($pagename, $page)';
> function GetRequiredPagePermission($pagename, $page)
> {
> global $action;
> if ($action == 'edit') $tmppass = $page['passwdedit'];
> else $tmppass = $page['passwdread']; // ignoring other actions for
> simplicity - may not suffice
> if (!$tmppass) {
> if ($action == 'edit')
> $tmppass = $DefaultPasswords['edit'];
> else
> $tmppass = $DefaultPasswords['read']; // again, ignoring other actions
> }
> if (!$tmppass || strpos($tmppass, '@nopass') !== FALSE) return '';
> // blank if no password
> elseif (strpos($tmppass, 'id:*') !== FALSE)
> return 'id:*';
> elseif (strpos($tmppass, 'id:') !== FALSE)
> return 'id';
> elseif (strpos($tmppass, '@lock') !== FALSE || strpos($tmppass,
> '@_site_admin') !== FALSE)
> return 'admin';
> else
> return 'passwd';
> }
> ===(snip)===
>
> The more I look at it the less it seems to work in the "real world"
> without a lot more coding to deal with other issues, but maybe it'll
> get you started in the right direction? Also I'm not sure if $page is
> going to be available...?
>
> You might also look at http://www.pmwiki.org/wiki/Cookbook/OpenPass to
> see some related types of actions there...
>
> Hope that helps.
>
> -Peter
More information about the pmwiki-users
mailing list