[Moin-user] Templates v. ACLs

Thomas Waldmann tw-public at gmx.de
Mon Mar 10 10:44:18 EDT 2008

> I have a problem with templates.  The problem is that the ACL I want  
> on the page  as a template is not the same as the ACL I want on page  
> that's generated from the template.

That's a problem with the current system. If you want to change ACLs, 
you need admin rights.

> In particular, I want one group to be able to edit the template and  
> have the template publicly readable, but when the template is  
> instantiated, I want only the page owner

Moin (and most wikis) don't have a concept of "page ownership" because 
it is often hard to define who should be that owner.

> I've thought about this, and I don't see any easy way to do it, so  
> I'm asking the combined wisdom of the list to see if there's a way.

If there are some specific conditions when a user should have admin 
rights, it can be done by a security policy. Maybe look at the autoadmin 
secpol (see MoinMoin/security/autoadmin.py).

> If anyone has any suggestions or insight, I'd appreciate it.  I'm  
> willing to make changes to the moin source, if that's what it takes.

Maybe a future moin template system should not load the template into 
the editor, but instantiate a page with a copy of that template as first 
revision (and thus, creating the ACL internally, without the user 
needing to be able to do that). Of course this is only half a solution 
for your special case.

More information about the Moin-user mailing list