[Moin-user] Specifying page edit permissions when using LDAP authentication

Thomas Waldmann tw-public at gmx.de
Sun Jan 7 01:36:04 EST 2007

> acl_rights_default = u"cri1258:read,write,delete,revert,admin \
>                            All:read \
>                            Known:read,write,delete,revert \
>                            Trusted:read,write,delete,revert"
> Unfortunately, this isn't working. After logging in, using cannot edit pages. 

Sure, because this stuff is processed left-to-right and terminates on 
first match.

As everybody is matched by "All:", you will only get read access except 
if you are cri1258.

The solution is to sort like this: cri1258 Trusted Known All (getting 
less special as you move from left to right).

BTW, maybe you rather don't need the Trusted stuff for the same reason.

More information about the Moin-user mailing list