[pmwiki-users] suggestion for improved password admin

Patrick R. Michaud pmichaud at pobox.com
Mon Jan 24 16:22:51 CST 2005 

On Sun, Jan 23, 2005 at 08:11:02PM -0500, Neil Herber wrote:
> 
> The $64 question is, could the ATTR form be made a little more helpful? 

Probably.

> =========
> Set new read password:  (box)  not set
> Set new edit password:  (box)  not set
> Set new attribute password:     (box)  *
> Set new upload password:        (box)  set
> ===========
> 
> This indicates to me that on this page:
> * the read and edit passwords are not set (nor are they set in config.php)
> * the attribute password is picked up from config.php
> * the upload password is set to some value here

One issue is that it makes processing of the attribute form a
fair bit more complex -- not to mention that much of this will
have to change when user-based authorization is implemented.
Plus, since the authorization is completely pluggable, it'd be easy 
for this form to then become "entirely wrong" for any alternate 
authorization scheme.

For example, it's likely that passwords will start to interact
with each other in some manner -- i.e., if a page has an edit
password and there's no attribute password set, then the edit password
will also be used for an attribute password.

> At the very least, the language at the top of the form should be changed. 
> Currently it says:
> 
> >Enter new attributes for this page below. Leaving a field blank will leave 
> >the attribute unchanged. To clear an attribute, enter 'clear'.
> 
> It should say:
> 
> Enter new passwords for this page in the form below. Leaving a field blank 
> leaves the password unchanged. 

I chose the word "attributes" instead of "passwords" because this form
can actually be used for more than storing just passwords.  PmWiki has
long had the capability for administrators to add additional page
attributes that can be set via ?action=attr.  However, it is true that
I don't know that anyone has actually made use of this capability to
specify other attributes besides passwords yet... :-).

However, I agree that we need to make the password settings more
visible to authors somehow, so I'll include this in my planning.

Pm

More information about the pmwiki-users mailing list