[Moin-user] ACLs on new created (sub) pages

Nir Soffer nirs at actcom.net.il
Sun May 22 01:37:07 EDT 2005

On 19 May, 2005, at 6:24, moin-user-request at lists.sourceforge.net wrote:

> until now we had a very closed user group for our wiki. I used the
> following in my wikiconfig.py.
> acl_rights_before =3D u"RalfGross:read,write,delete,revert,admin"
> acl_rights_default =3D 'ValidUserGroup:admin,read,write,delete,revert 
> All=
> :'
> Now we have the need to permit read (and sometimes write) access on 
> singe=
> l
> pages to new users. I accompished that with:
> #acl UserFoo:read,write Default
> This works, but if the user creates a Link to a new page, he doesn't 
> have
> the rights to create this page because he is not listed in the default
> acl.

If you want users to have write access on new pages, add the users to 
group NewPagesGroup, and give this group read,write rights on 
acl_rights_after. Make sure this group does not have write right on 
existing pages by adding NewPagesGroup:read on the end of the page acl.

Maybe you like to have a custom SecurityPolicy, with few lines of 
Python code that implement the creation of new pages rules. Here is an 

# policy.py
# should be in the same directory as farmconfig

from MoinMoin import security

class SecurityPolicy(security.Permissions):

	def create(self):
		# Don't let annonymous user to create new pages
		if not self.request.user.valid:
			return False
		# Let memebers of group NewPagesGroup to create pages
		return self.request.dicts.has_member(u'NewPagesGroup', 

	def write(self, pagename):
		if not self.request.page.exists():
			return self.create()
			# Let the base class decide
			return security.Permissions.write(self, pagename)
# farmconfig.py

from MoinMoin.multiconfig import DefaultConfig

class FarmConfig(DefaultConfig):
	from policy import SecurityPolicy


Best Regards,

Nir Soffer

More information about the Moin-user mailing list