[pmwiki-users] pmwiki-2.0.beta50 released

Joachim Durchholz jo at durchholz.org
Thu Jul 21 11:20:35 CDT 2005


Patrick R. Michaud wrote:
> 1. The $HandleAuth array can be used to set the authorization 
> level required for executing a corresponding action. For example, 
> setting $HandleAuth['diff'] to 'edit' means that edit 
> authorizations are required to view the page history (?action=diff). 
> Similarly, setting $HandleAuth['source'] to 'admin' means that 
> only the admin would be able to use ?action=source.

Excellent!

I just noted that PmWiki uses these settings:
   $HandleAuth['browse']       == 'read'
   $HandleAuth['source']       == 'read'
   $HandleAuth['edit']         == 'edit'
   $HandleAuth['attr']         == 'attr'
   $HandleAuth['postattr']     == 'attr'
   $HandleAuth['approveurls']  == 'edit'
   $HandleAuth['approvesites'] == 'edit'

This seems to mean that _actions_ are separate (and use different 
terminology than) _authorisation levels_. An _authorisation level_ just 
seems to be a group of things that the admin wants to authorise as a unit.

Is that correct?

Are the authorisation level values visible to end users? If so: can I 
change the texts (say, "schreiben" statt "edit" for my German visitors)?

> 2. Passwords can now "cascade" -- that is, if a page sets a 
> 'read' password but not an 'edit' password, then the read 
> password is also used as the edit password. Similarly, if a 
> page sets an 'edit' password but not an 'attr' password, 
> then the edit password is also used as the attr password.

Is that configurable?
I.e. could I switch off parts of the cascade, or add a new intermediate 
authorisation level that becomes part of the cascade?

Regards,
Jo




More information about the pmwiki-users mailing list