From: Thomas Fanslau <tfanslau@gm...> - 2003-10-09 17:29:19
I read thru the documentation on Access-Control-Lists and i think they
are to fine-grained for my taste. Or to meet my requirements.
I made a single, small change to the source to be able to disable some
actions at all.
In "config.py" I removed the line with
excluded_actions = ['DeletePage', 'AttachFile']
and added a line
'excluded_actions' : ['DeletePage', 'AttachFile'],
to the "cfg_defaults"-dictionary. This way I can write
excluded_actions = ['DeletePage', 'AttachFile', 'edit']
in my "moin_config.py"-File to remove the ability to edit pages at all.
That is useful if you want to allow editing from the Intranet while
disallowing it from the Internet (regardless of the user logged in).