[Moin-user] Can't delete pages
Bradey Honsinger
bradeyh at gmail.com
Wed Apr 28 14:18:29 EDT 2010
On Tue, Apr 27, 2010 at 9:25 PM, Richard Jones <r1chardj0n3s at gmail.com> wrote:
> acl_rights_before = u"Known:read,write
> usera:read,write,delete,revert,admin
> userb:read,write,delete,revert,admin
> RichardJones:read,write,delete,revert,admin"
Your login is matching on "Known", not on "RichardJones"--ACL processing stops
at the first match. It should look like this:
acl_rights_before = u"RichardJones:read,write,delete,revert,admin
usera:read,write,delete,revert,admin
userb:read,write,delete,revert,admin Known:read,write"
See http://moinmo.in/HelpOnAccessControlLists#ACL_processing:
"""
5.1. Order of processing ACL entries
When a user is trying to access an ACL-protected resource, the ACL
entries will be processed in the order they are found. The first ACL
entry matching the user will determine whether the user has access to
that resource or not and processing will stop. Due to this first match
algorithm, you should arrange your ACL entries in the following order:
1) single usernames, 2) special groups, 3) more general groups, 4)
Known and finally 5) All.
"""
Also, you probably don't want "Known" in acl_rights_before at
all--using it here means that no matter what the #acl directive on a
page says, all logged-in users will be able to read and write
it. "Known" should probably be in acl_rights_default instead.
- Bradey
More information about the Moin-user
mailing list