[pmwiki-users] global overview of passwords/authorizations
Patrick R. Michaud
pmichaud at pobox.com
Wed Jul 20 22:50:06 CDT 2005
On Wed, Jul 20, 2005 at 11:16:37PM -0400, Neil Herber wrote:
> >So, maybe something like ... ?
> >
> >|| page name || attribute || upload || edit || read ||
> >|| zxcv.zxcvzx || (page) || (page) || (page) || page ||
> >|| abcd.abcdef || (group) || --- || group || ---- ||
>
> The line you have for zxcv confuses me - does the upload really get
> cascaded from the read password? If so, why doesn't it happen on the abc
> line?
Yes, the upload really gets cascaded from the read password.
The concept is that when someone puts a read password on a page,
they typically want to block -all- access to that page.
In the case of the abc line, there's no read password to
cascade. I didn't set the edit password to cascade to
upload, because eventually there's likely to be a 'comment'
level which is separate from editing, and we may want to allow
people to attach files as part of comments. I can also
envision applications where people are allowed to upload
but not edit the page contents. Soooo, I left it that
upload inherits from 'read' so that I've got some flexibility
to change it later :-).
Besides, it's all configurable by the admin anyway (via the
$AuthCascade array :-).
Pm
More information about the pmwiki-users
mailing list