[Moin-user] Some questions about best way to set up Moin for both user-editable and user-noneditable pages?

Thomas Waldmann tw-public at gmx.de
Fri Mar 3 04:43:04 EST 2006


> Obviously, there are two ways to set this up. I can make pages editable 
> by default, and then lock down the official pages, or lock pages by 
> default, and then enable user editing on specific pages. I'd prefer the 
> latter,

Maybe that depends on the amount of pages of each type and what you need 
as "default if someone forgets ACLs".

> but am concerned about settings for pages created by users;

Users usually have no admin rights, that means they can't put ACLs on 
pages (neither modify existing ACLs).

So user created pages will usually behave as acl_rights_default says 
(plus _before plus _after, as usual).

> they be automatically user editable and (more importantly) is there a 
> mechanism to prevent users from inadvertently (or intentionally) locking 
> them into a state where they are not editable by users?

You don't give normal users admin rights, so they can't do anything 
wrong with ACLs.

So the question is rather whether you have users that NEED to set ACLs 
on some pages. You either need to use acl_rights_before for that (with 
some AdminGroup maybe) or, if admin rights should not be global, you 
maybe want to look at autoadmin security policy (giving users admin 
rights on homepage and on project pages).

Hope that helps. For details see HelponAccessControlLists and search for 
autoadmin.




More information about the Moin-user mailing list