[pmwiki-users] Using Site.AuthUser for Controlling Access to wiki Page Groups

Sivakatirswami katir at hindu.org
Sat Dec 16 22:51:46 CST 2006


I'm trying to grok, finally, Auth User to control access to wikis.

Because I thought the admin was just too high earlier, I separated out 
wikis to fields and then
used .htaccess files to specific fields. This was useful as it 
integrated PMwiki access control
within the same admin task used to any and all  protected areas on the 
web site (apart
from PMwiki...)

But now I'm finding that some fields I have created are best integrated 
into a single wiki.
the model would be that certain sets of groups would be available for 
read and edit
by  some people but not others... In this particular implementation, 
typically
if you have clearance to read pages, you also have
clearance to edit... (these are not public sites...)

But If I merge several fields, then I will still need to work with 
access control for sets of
groups. I already understand the PMwiki password system, find it still a 
bit cumbersome.
I need to be apply to set up auth groups...
What I'm wondering now, after reviewing...

http://www.pmwiki.org/wiki/PmWiki/AuthUser

is that, I see reference to "groups" but these are user groups
and not Pmwiki {$Groups}

if there is a way to use the Site.AuthUser  page to control access by ID
to page groups? One would envision something akin to page list markup
(so that we don't have yet another, new construct to remember...)

Let's say we have on the Site.AuthUser page
( an possbily there is some recipe for this already in place
but I have not seen it)

LIST OF USERS
------
   alice: (:encrypt wonderland:)
   bob: (:encrypt clouds:)
   pat: (:encrypt roses:)
   john: (:encrypt flute:)

USER GROUPS
----
@writers: alice, john
@admin: bob, pat

----------
ACCESS CONTROL TO PMWIKI PAGE-GROUPS
# where we declare the page-groups that
# an auth users-groups can read and write
# something like:

@Writers: access: group=-LexiconProject,AudioTranscription
@Admin: access: group=*  #all groups

Heck, lets' go all the way, where we define what the groups
can and cannot do. One want this to be implemented from the
start on log in... which makes me wonder how PMwiki decides
what page in the whole wiki it will first display to
someone who has read on privileges to one or two groups:

@Viewers: access: group=Teachers,Cirriculum attr=read
@Writers: access: group=-LexiconProject,AudioTranscription attr=read,edit
@Admin: access: group=*  #all groups  attr=read,edit,admin

Perhaps all this is already present in the framework and someone
can jus point me in the right direction. I *could* use PMwiki password
but then you have to configure every single group, and if you make a new
group you have to go and configure that one... you need to keep an
offline list of users and what password you have assigned to what groups 
etc.
whereas doing all this at Site.AuthUser would be marvelous.


In  Peace
Sivakatirswami
www.himalayanacademy.com




More information about the pmwiki-users mailing list