[pmwiki-users] Passwords for "uncritical" actions
Patrick R. Michaud
pmichaud at pobox.com
Tue Jun 21 16:30:17 CDT 2005
On Sun, May 22, 2005 at 11:45:47AM +0200, Joachim Durchholz wrote:
> Hi all,
> one of my customers just requested a password on the actions "source"
> and "diff".
> Is there a simple way to implement this?
> Any hope of including that in the core?
It's on my slate of things to do -- actually, I'm intending that
each action will be able to provide the set of permission levels it
needs to check before authorizing access. For example,
?action=edit needs to check both 'edit' and 'read' permissions,
?action=auth should check 'auth', 'edit', and 'read',
?action=upload should check 'upload' and 'read',
?action=comment should check 'comment' (or 'append'), 'edit', and 'read',
In the meantime there's a simple workaround:
if ($action == 'source') $page = RetrieveAuthPage($pagename, 'edit');
requires 'edit' permissions to view the page source.
More information about the pmwiki-users