Menu
▾
▴
Re: [Phpwiki-talk] Re: auth prefs
|
From: Reini U. <ru...@x-...> - 2002-10-02 17:00:15
|
Joby Walker schrieb: > Reini Urban wrote: >> Joby Walker schrieb: >> >>> 2) no admin account (ADMIN_GROUP): this would grant to specific users >>> WIKIAUTH_ADMIN privilages. With this enabled there is no admin >>> account, but certain users have administrative privilages. With this >>> modifications can be tracked by user. >> >> This will be a PagePermission feature, once groups are ready. > > > Any info on this? I will certainly help. Good. We just discussed the layout here, but I have no code yet, because of the UserAuth problems. See the mainlinglist and the phpwiki pages. We decided to put the groupmembers info into simple wikipages as * lines. PagePermission is just another numeric meta_data field "perm", similar to "hits" or "pref". Also a new field owner: "owner", with groups "owner.group"? or seperate? "userid" is the latest author. for upgrading the owner will be the original userid field. Then each action needs a central permission check in main(). For display, save/remove and various other executable plugins. I would move the basic read/write checks from main() to the WikiDB level. Then we have to enhance requiredAuthority ($action) to requiredAuthority ($action, $page), or make requiredAuthority ($action) a WikiDB method. For example to disallow the listing of private -r pages in PageList. or if an admin plugin may change other pages. -- Reini Urban http://xarch.tu-graz.ac.at/home/rurban/ |
