I have read everything in this forum about setting up permisisons and passwords, but I still can't accomplich what I am trying to do.
I only want users in the group _AUTHENTICATED to be able to view pages.
Category Gruop looks like this:
All links in this page will be used to find user groups for the
WIKIPAGE group method. User group pages must contain a list of
usernames, and then for consistency after four hyphens a link to this
_AUTHENTICATE looks like this:
I have several pages set (ACL) to be viewd by Authenticated Users only. If I have read enerything correctly, only usernaem BillNeely should be able to view those pages. But, in fact, everybody who logs in and establishes a password is able to view those pages.
What am I missing here?
Making the following change at line 239 or so, makes it diplay the not auth message instead of the sign in message
// $require_level = $this->requiredAuthority($action);
$require_level = $this->requiredAuthorityForAction($action);
I am not sure if this helps or not, but I made the following change to main.php at about line 242:
// if (! $this->_user->hasAuthority($require_level))
if ($this->requiredAuthorityForAction ($action) == 100)
$this->_notAuthorized($require_level); // NORETURN
This seems to resolve the problem. Now unautorized users are given the enter your password page instead of the prohibited page. Haven't tested this very thoroughly yet.