[pmwiki-users] global overview of passwords/authorizations
Patrick R. Michaud
pmichaud at pobox.com
Wed Jul 20 22:50:06 CDT 2005
On Wed, Jul 20, 2005 at 11:16:37PM -0400, Neil Herber wrote:
> >So, maybe something like ... ?
> >|| page name || attribute || upload || edit || read ||
> >|| zxcv.zxcvzx || (page) || (page) || (page) || page ||
> >|| abcd.abcdef || (group) || --- || group || ---- ||
> The line you have for zxcv confuses me - does the upload really get
> cascaded from the read password? If so, why doesn't it happen on the abc
Yes, the upload really gets cascaded from the read password.
The concept is that when someone puts a read password on a page,
they typically want to block -all- access to that page.
In the case of the abc line, there's no read password to
cascade. I didn't set the edit password to cascade to
upload, because eventually there's likely to be a 'comment'
level which is separate from editing, and we may want to allow
people to attach files as part of comments. I can also
envision applications where people are allowed to upload
but not edit the page contents. Soooo, I left it that
upload inherits from 'read' so that I've got some flexibility
to change it later :-).
Besides, it's all configurable by the admin anyway (via the
$AuthCascade array :-).
More information about the pmwiki-users