[pmwiki-users] global overview of passwords/authorizations
Patrick R. Michaud
pmichaud at pobox.com
Sat Jul 23 09:02:17 CDT 2005
On Sat, Jul 23, 2005 at 09:55:13AM +0100, Hans wrote:
> Saturday, July 23, 2005, 6:06:24 AM, Patrick wrote:
> > Comments, suggestions welcomed.
>
> There are two read protected pages which are not listed in the table:
> http://www.pmwiki.org/wiki/Test/ReadProtected
> http://www.pmwiki.org/wiki/Test/ReadPass
>
> Does the pagelist not list read protected pages?
> Should it not, given the Read column?
As a general rule, placing a read password on a page tells PmWiki
not to expose any information about that page, except for the pagename.
And PmWiki tries not to expose the pagename if $EnablePageListProtect
is set.
So, as things stand now, if there's a read password on a page and
the browser hasn't supplied the read password, then the page won't
appear in the authtable. There is an argument to be made that it
could instead display something like
Test.ReadProtected || read || ??? || ??? || ??? ||
with the ???'s indicating that the information is hidden.
OTOH, from previous messages it seems likely that this table is
going to be restricted to those who have attr or admin permissions
anyway; if that's the case then the read permissions probably
don't pose a big problem.
Pm
More information about the pmwiki-users
mailing list