[pmwiki-users] New AuthUser Functionality

Patrick R. Michaud pmichaud at pobox.com
Fri Nov 25 10:25:19 CST 2005 

On Fri, Nov 25, 2005 at 07:35:19AM -0800, Christopher Dant wrote:
>    As the new AuthUser functionality comes into focus I wonder if it can be
>    built to support or provide some some simple reports?

This is coming via AuthList/AuthTable; see 
http://www.pmwiki.org/wiki/Test/AuthList for an example.  
I'm still working out the formatting for this report.

>    Also, is it possible to define access durations for each permission: ie a
>    duration during which the permission will be granted such as 30 days or
>    until a specified date?

The authorization system is so complex already that I'm hesitant to
add yet another dimension to it.  (This isn't a "no", it's
just a "we really need to clean up other things first".)

>    Three Suggested Reports:
>    A. Group / Page  / User
>    A list of all groups and pages with explicitly assigned permissions, and
>    all of the users for each.
>     
>    B. User / Group / Page
>    A list of all of the users with permissions, and the groups / pages for
>    which each has explicitly assigned permissions.

The way these are described (especially the last one) somewhat assumes 
that we have a list of users somewhere.  Since authuser allows 
authentication against external databases and authentication systems, 
that could be sort of tricky, and if the authentication database has 
several thousand users, we probably don't want the complete list.

More likely is to simply scan a set of pages and report any users
explicitly listed in those pages.

>    A. Group / Page  / User
>     
>    Site
>        id:*    read
>        admin    admin
>    Protected
>        joe    read
>        bert    read
>        sally    edit
>        ernie    read
>        admin    adim
>    SuperSecret
>        sally    edit
>        admin    admin

I'm not seeing the group (or page) in each of the above.  Plus,
this is somewhat backwards in that a user could have multiple
permission levels (e.g., "read,upload").  Also we'd want to 
list authorization groups somehow ("@editors"), and I'm not 
quite sure how to do that.

Pm

More information about the pmwiki-users mailing list