[Pmwiki-users] Re: PmWiki development - User Authentication

[Bronwyn Boltwood]

On Mon, 7 Jun 2004 08:31:06 -0600, Patrick R. Michaud <pmichaud at pobox.com> wrote:
> I haven't given it much thought, simply because I still haven't come
> up with any good ideas about how to control authorization (determining
> what actions a user is allowed to perform and where) after a user has
> been authenticated.
 
> This is another one of those cases where it would help tremendously
> to have a real-world example of what is needed, rather than to
> try to guess based on what is possible.

I work at a helpdesk. The contracts we work on change frequently, and we usually aren't 
informed through the proper channels.  The current knowledgebase is slow and difficult to 
update.  I dream of using a wiki as our KB, because we could have updates as they happen 
instead of weeks after the fact.    However, management would never consider something 
that does not make them feel in control.  I think the following would be a reasonable 
compromise between the needs of the technicians and the fears of management: 

1.  Management and 2nd level techs can create and edit pages as normal.  
2.  The technicians can create or edit pages, but the information is marked as 
unconfirmed, and displayed in a visually distinct style (e.g. different font and 
background colour, maybe a watermark).  If it's a changed page, the old version should be 
displayed too.  
3.  Management and 2nd level techs can edit or just "rubberstamp" unconfirmed 
contributions, marking them as confirmed.  
4.  Signing contributions is mandatory, and preferably should be backed up by personal 
accounts, so that people can't just falsify the author name.  

Since I'll be leaving this job soon, and management would never allow a wiki anyway 
(they're being idiots, which is one big reason that I'm leaving), this scenario is an 
idea-generator rather than a feature request...but I can see this kind of scheme being 
useful for more than just my little department.  

Bronwyn