[Moin-user] I need to restrict some pages. ACL or multiple wikis?
John Marshall
John.Marshall at ec.gc.ca
Mon Aug 17 10:46:41 EDT 2009
Steven W. Orr wrote:
> I created a page called (let's say) OurGroup. The content is
>
> #acl StevenOrr:read,write,delete,revert
>
> * StevenOrr
> * FreddyFish
>
> Then I *think* I want to say this at the top of every page that I want to
> restrict. Is it sufficient to say this at the top of each of the pages?
>
> #acl OurGroup:read,write,revert,admin All:
>
acl processing works as (from HelpOnAccessControlLists page):
* processing sequence: acl_rights_before, A/B/C/D,
[acl_rights_default], acl_rights_after
* the *first ACL matching the user is used
*
* acl_rights_default is *what is done if no ACLs are used on the page*
So, unless your acl_rights_before allows others, your acl will do what
you want. Also, you do not need to add the "All:" part unless the
acl_rights_after actually allows others.
> Will this do the trick?
>
> Also, my acl_rights_default is currently set as:
>
> acl_rights_default = u'Known:read,write,delete,revert All:read'
>
The acl_rights_default is ignored if your page includes an acl (third
point above).
> Can I assume that the presumption is that what I'm describing will work
> *because* FreddyFish and myself will be logged in and therefore Known?
>
Not from what I can see. The members of OurGroup have access because
your acl allows it, which does not depend on acl_rights_default (which
follows your acl in the processing sequence, and is ignored because you
provide an acl).
Hope this helps,
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/moin-user/attachments/20090817/3a8b5efb/attachment.html>
More information about the Moin-user
mailing list