[pmwiki-users] Security API

Andy Little andy at fubarco.com
Wed Feb 23 21:47:06 CST 2005


I have built such a system for my own wiki using an authorization system
based on MySQL that has an administration system, and fairly rudimentary
authorization.  That is, I have basically two groups, "admin" and everything
else.  There is a numerical range (0-9) of auth levels, where 0 is read, 1
is edit (non-admin pages), 8 can edit any pages, and 9 is administrator and
can access the authorization administration forms.  2-7 are possibly to be
used later for other things.

It requires registration before editing, will send email for forgotten
passwords, optionally keeps login info between visits, etc.

I do not allow any other group or page passwords, bypassing the built in
features.  It suits my needs perfectly, but wouldn't be for everyone.  The
code to implement it is pretty straightforward, and one of these days I'll
probably get around to making it a cookbook entry, but I haven't had the
time lately.

As Patrick says in a later message, the auth function is easy to replace,
but I have to say I found some of the other cookbook examples to be
difficult to understand (and I am a pretty solid programmer).

Anyway, if anyone is interested in my method, either email me or if interest
is high, prod me into developing a cookbook entry.

Andy

-----Original Message-----
From: pmwiki-users-bounces at pmichaud.com
[mailto:pmwiki-users-bounces at pmichaud.com] On Behalf Of Larry Lewis
Sent: Tuesday, February 22, 2005 6:41 PM
To: pmwiki-users at pmichaud.com
Subject: [pmwiki-users] Security API

We have a login database for people using various parts of the system, 
really only 4 levels in general Admin, Developer, Member and visitor 
what I would like to do is setup PITS in various neat ways... For 
example a Developer might want a change to the software support library 
so he needs to be able to edit pages there, we will also like members to 
be able to read the PITS information but not be able to submit anything.

Hooking up the wiki to our system is obviously my job, but could someone 
see there way clear to implementing the wiki side .. by that I mean  
someone wants to read a group/page/whatever there is a call out like 
xxx( group, page, READ ) and I can return true or false .. if a username 
is required for an edit same sort of thing. Yes I do realise this will 
be slower than the inbuilt stuff but adding 5,000 passwords to the 
config.txt aint really what I would like to do .. by the way this is one 
sample I also want members to be able to request add-ons changes et al.

Thanks .. Larry

_______________________________________________
pmwiki-users mailing list
pmwiki-users at pmichaud.com
http://pmichaud.com/mailman/listinfo/pmwiki-users





More information about the pmwiki-users mailing list