ACL Permissions

  • novatrope

    novatrope - 2005-09-13

    I have read everything in this forum about setting up permisisons and passwords, but I still can't accomplich what I am trying to do.

    1. I only want users in the group _AUTHENTICATED to be able to view pages.

    2. Category Gruop looks like this:
      All links in this page will be used to find user groups for the
      WIKIPAGE group method. User group pages must contain a list of
      usernames, and then for consistency after four hyphens a link to this

    3. [Administrators]


    5. _AUTHENTICATE looks like this:


    I have several pages set (ACL) to be viewd by Authenticated Users only. If I have read enerything correctly, only usernaem BillNeely should be able to view those pages. But, in fact, everybody who logs in and establishes a password is able to view those pages.

    What am I missing here?

    • novatrope

      novatrope - 2005-09-15

      Making the following change at line 239 or so, makes it diplay the not auth message instead of the sign in message

      // $require_level = $this->requiredAuthority($action);
      $require_level = $this->requiredAuthorityForAction($action);

    • novatrope

      novatrope - 2005-09-15

      I am not sure if this helps or not, but I made the following change to main.php at about line 242:

      // if (! $this->_user->hasAuthority($require_level))
      if ($this->requiredAuthorityForAction ($action) == 100)
      $this->_notAuthorized($require_level); // NORETURN

      This seems to resolve the problem. Now unautorized users are given the enter your password page instead of the prohibited page. Haven't tested this very thoroughly yet.


Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks