Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

ACL Permissions

novatrope
2005-09-13
2012-10-11
  • novatrope
    novatrope
    2005-09-13

    I have read everything in this forum about setting up permisisons and passwords, but I still can't accomplich what I am trying to do.

    1. I only want users in the group _AUTHENTICATED to be able to view pages.

    2. Category Gruop looks like this:
      All links in this page will be used to find user groups for the
      WIKIPAGE group method. User group pages must contain a list of
      usernames, and then for consistency after four hyphens a link to this
      page.

    3. [Administrators]

    4. [_AUTHENTICATED]

    5. _AUTHENTICATE looks like this:
      *BillNeely


    [CategoryGroup]

    I have several pages set (ACL) to be viewd by Authenticated Users only. If I have read enerything correctly, only usernaem BillNeely should be able to view those pages. But, in fact, everybody who logs in and establishes a password is able to view those pages.

    What am I missing here?

     
    • novatrope
      novatrope
      2005-09-15

      Making the following change at line 239 or so, makes it diplay the not auth message instead of the sign in message

      // $require_level = $this->requiredAuthority($action);
      $require_level = $this->requiredAuthorityForAction($action);

       
    • novatrope
      novatrope
      2005-09-15

      I am not sure if this helps or not, but I made the following change to main.php at about line 242:

      // if (! $this->_user->hasAuthority($require_level))
      if ($this->requiredAuthorityForAction ($action) == 100)
      {
      $this->_notAuthorized($require_level); // NORETURN
      }

      This seems to resolve the problem. Now unautorized users are given the enter your password page instead of the prohibited page. Haven't tested this very thoroughly yet.