[pmwiki-users] Password Confusion

[Tegan Dowling]

On 1/29/06, Tegan Dowling <tmdowling at gmail.com> wrote:

> On 1/29/06, Ryan D'Baisse <ryan.dbaisse at gmail.com> wrote:
> >
> > Am I just not getting something?  I was under the impression that the
> > default passwords had a hierarchy effect.  I thought, they worked in
> > the following order...
> >
> >         READ: Visitors can read content
> >         EDIT: Visitors can read and edit content
> >         UPLOAD: Visitors can read, edit, and upload content
> >         ATTR: Visitors can read, edit, upload, and change attributes
> >         ADMIN: The equivalent of a "PmGod" ... can do anything
> >
> > Is this not the case?
> >
> > For this reason, I had the following passwords
> >
> >         READ: password01
> >         EDIT: password02
> >         UPLOAD: password02
> >         ATTR: password03
> >         ADMIN: password03
> >
> > Unfortunately, this had problems:
> >
> >         1. Visitors logging in with "password01" could read and edit
> > pages... not good; and,
> >
> >         2. Visitors could not log in with "password02" at all
> > (regardless of
> > how many times I reset it).
> >
> > What am I missing?  I would like to have the following...
> >
> >         A. Visitors logging in with "password01" should be able to read
> > the
> > site but not edit or alter anything;
> >
> >         B. Visitors logging in with "password02" should be able to read,
> >
> > edit, and upload; and,
> >
> >         C. Visitors logging in with "password03" should be able to do
> > anything with the site.
> >
> > Is this possible?  If so, how do I accomplish this?
>
>
You may have an error somewhere, since as you have it, password01 should
definitely not be enabling users to edit.

But you also have a misunderstanding: if you want password02 to enable
editing of pages that are read-protected, you also have to also make
password02 a read-password.

Maybe you should review http://www.pmwiki.org/wiki/PmWiki/PasswordsAdmin?

------------

(Sorry about the top-post, previously - stupid computers.)

We have something like this in our config.php files:

    // Passwords
        $PmWikiAdminPassword = crypt('password03');
        $PmWikiReadEditUploadPassword = crypt('password02');
        $DefaultPasswords['admin'] = $PmWikiAdminPassword;
        $DefaultPasswords['read'] = array(crypt('password01'),
$PmWikiReadEditUploadPassword);
        $DefaultPasswords['attr'] = $PmWikiAdminPassword;
        $DefaultPasswords['edit'] = $PmWikiReadEditUploadPassword;

    //  Uploads

        $EnableUpload = 1;
        $UploadUrlFmt = $ScriptUrl.'/uploads';
        $DefaultPasswords['upload'] = $PmWikiReadEditUploadPassword;
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/pmwiki-users/attachments/20060129/fa402dac/attachment.html