[Moin-user] access control lists
Nir Soffer
nirs at freeshell.org
Mon Jan 31 04:49:45 EST 2005
On Sun, 2005-01-30 at 20:25 -0800,
moin-user-request at lists.sourceforge.net wrote:
> I have these settings in the configuration....
>
> # Enable acl (0 to disable)
> acl_enabled =3D 1
>
> acl_rights_default =3D u"All:read =
> RaceCar,WingZero:read,write,delete,revert"
>
> acl_rights_before =3D u"FastDragon:read,write,delete,revert,admin
> =
> RaceCar,WingZero:read,write"
>
> Then I have this page that I don't want anyone but FastDragon to be
> able =
> to view, and at the top of the page, I have....
>
> #acl FastDragon:read,write,delete,revert,admin
>
> but this doesn't prevent RaceCar and WingZero from reading this page =
> which I wanted to be totally private. How do I do this?
The acl is wrong. The correct setup will be:
acl_rights_before = u"FastDragon:read,write,delete,revert,admin"
This will let you do anything with any page - because acl use the first
match.
Do not define acl_rights_defaults, use the default setup.
And on the page:
#acl FastDragon:read,write,delete,revert,admin All:
This will let FastDragon to do anything and deny all others.
Do you really want FastDragon to admin this page? dragons might change
the acl and loose their privacy. If that dragon page must be private,
don't give the admin right:
#acl FastDragon:read,write,delete,revert All:
--
Best Regards,
Nir Soffer.
More information about the Moin-user
mailing list