phpwiki-talk

[Phpwiki-talk] Access control

[Tom C. <li...@to...>]

Hello,

I'm trying to set-up a wiki for a UK Government Commission. I'm on a very 
limited timescale here, so I apologise profusely for asking what may be a 
stupid and ill-researched question, but I've not yet found a solution in the 
scattered documentation available.

I'm trying to do some very basic access control, so that there are two kinds 
of user: those with access to read, and those with access to edit. I could 
just give the edit group the admin password, but I'd rather not. I could do 
some trickery with Apache's mod_auth, but I'd rather not.

Can somebody give me a quick rundown of what I need to do, if it's possible, 
to achieve this?

Kind regards,
Tom Chance

Re: [Phpwiki-talk] Access control

[Reini U. <ru...@x-...>]

Tom Chance schrieb:
> I'm trying to set-up a wiki for a UK Government Commission. I'm on a very 
> limited timescale here, so I apologise profusely for asking what may be a 
> stupid and ill-researched question, but I've not yet found a solution in the 
> scattered documentation available.
> 
> I'm trying to do some very basic access control, so that there are two kinds 
> of user: those with access to read, and those with access to edit. I could 
> just give the edit group the admin password, but I'd rather not. I could do 
> some trickery with Apache's mod_auth, but I'd rather not.
> 
> Can somebody give me a quick rundown of what I need to do, if it's possible, 
> to achieve this?

Simpliest:
Use mod_auth. The anonymous user may read, all other edit.

Advanced:
Use BogoLogin or any better auth method, the WikiGroup feature, and use 
PagePermissions (ACL). (This is not fully tested yet)

For example with the GROUP_METHOD WIKIPAGE create the
CreateCategory page, list the two groups and for each group
create a page with all the members.

Then create a page '.'.
Then in PhpWikiAdministration/SetAcl set the edit permission for this 
page the the group which is allowed to edit (and change, remove).
All other pages inherit their ACL from '.'
-- 
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/

Re: [Phpwiki-talk] Access control

[<li...@to...>]

On 1/1/1970, "Reini Urban" <ru...@x-...> wrote:
>Advanced:
>Use BogoLogin or any better auth method, the WikiGroup feature, and use
>PagePermissions (ACL). (This is not fully tested yet)
>
>For example with the GROUP_METHOD WIKIPAGE create the
>CreateCategory page, list the two groups and for each group
>create a page with all the members.
>
>Then create a page '.'.
>Then in PhpWikiAdministration/SetAcl set the edit permission for this
>page the the group which is allowed to edit (and change, remove).
>All other pages inherit their ACL from '.'

Two problems:

1) How do I set-up users and their passwords? The documentation doesn't
explain how you put the password into the page's metadata, nor how to
use a htpasswd file, so though I have a page created for the user
"tom" who is in group "community", that user still has no password.

2) The page PhpWikiAdministration/SetAcl doesn't yet exist, and I can't
see any documentation on how to create / use it.

I'm using phpwiki 1.3.10

Regards,
Tom

Re: [Phpwiki-talk] Access control

[Reini U. <ru...@x-...>]

li...@to... schrieb:
> On 1/1/1970, "Reini Urban" <ru...@x-...> wrote:
> 
>>Advanced:
>>Use BogoLogin or any better auth method, the WikiGroup feature, and use
>>PagePermissions (ACL). (This is not fully tested yet)
>>
>>For example with the GROUP_METHOD WIKIPAGE create the
>>CreateCategory page, list the two groups and for each group
>>create a page with all the members.
>>
>>Then create a page '.'.
>>Then in PhpWikiAdministration/SetAcl set the edit permission for this
>>page the the group which is allowed to edit (and change, remove).
>>All other pages inherit their ACL from '.'
> 
> 
> Two problems:
> 
> 1) How do I set-up users and their passwords? The documentation doesn't
> explain how you put the password into the page's metadata, nor how to
> use a htpasswd file, so though I have a page created for the user
> "tom" who is in group "community", that user still has no password.

With htpasswd files you may use the utilities for htpasswd files.
Like htpasswd from the apache package.
If you allow self-creating users, they create themselves at the first 
login.
Otherwise you can set or change a password at the UserPreferences page.
If you choose to allow it.
If you don't allow password changes, the passwords must already exist. 
(http auth, db auth, file auth ...)
More self-explanatory docs in config.ini.

> 2) The page PhpWikiAdministration/SetAcl doesn't yet exist, and I can't
> see any documentation on how to create / use it.
> 
> I'm using phpwiki 1.3.10

You have to use latest CVS.
-- 
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/

Re: [Phpwiki-talk] Access control

[<li...@to...>]

On 6/15/2004, "Reini Urban" <ru...@x-...> wrote:

>> 2) The page PhpWikiAdministration/SetAcl doesn't yet exist, and I can't
>> see any documentation on how to create / use it.
>>
>> I'm using phpwiki 1.3.10
>
>You have to use latest CVS.

Given that I'm setting this wiki up for a UK Government Commission, how
good an idea is that? I only need to set the permissions up so that one
non-admin user can edit some pages... is that something I can do by
using only some of the CVS code?

Thanks for your help so far.

Regards,
Tom