[pmwiki-users] Group passwords\login

IchBin weconsultants at gmail.com
Wed May 9 18:13:09 CDT 2007 

IchBin wrote:
> Patrick R. Michaud wrote:
>> On Fri, May 04, 2007 at 03:27:58PM -0400, IchBin wrote:
>>> Patrick R. Michaud wrote:
>>>> Okay, I'm now officially confused, so I'll restart.  Your original
>>>> message said:
>>>>
>>>>>>>>>   All I want to do is:
>>>>>>>>> - Hide all of a groups menu items for a particular Group.
>>>>>>>>> - Have a login menu Item that  asks for the group read password.
>>>>>>>>> - Then if validated it displays all of the Group menu items and brings 
>>>>>>>>> up the groups home page.
>>>> The big question I have is this... given that we have a group *read*
>>>> password (which prevents reading of any page in the group),
>>>> what should a visitor see before that read password is entered?
>>> For this sake of argument example they would see only the pmWiki doc and 
>>> website links. 
>> No, I mean.. what do they see in the main content area?
>> If a visitor browses to the url for the Group, and the pages
>> (incl. the HomePage) are all protected by a read password,
>> then what is the visitor to be looking at in the main content
>> area?
>>
>> Or is the Home Page for the group going to be publicly readable?
> 
> No... the whole point of this is to have the ability to *hide* 'a' 
> particular group(s) behind the covers of the normal, visible main website.
> 
> This main website can have other group(s) which *can* be linked to (via 
> the menu items in the left menu area) by *any* visitor. There is no read 
> password on these pages.
> 
> I would also have another menu item (with the other menu items on the 
> left) that would say "Login".  Once selected it would request an account 
> and password). If authorized I would then 'show' another group of menu 
> items that pertained to the groups that person is authorized to view. 
> And also load the home page for that particular group.
> 
> It is like a Servlet\JSP app I had my last site running on from my 
> machine out to the internet. Just visualize what the Wikipeadia skin 
> looks like. OK, say I am just showing three tabs at the top. Evey body 
> will see this and can read the contents that they hold. No problem. Now 
> when I login to this website all of a sudden there are say three more 
> tabs. Since I authenticated myself by logging in I am now able to have 
> these extra tabs displayed. The content of which the normal user will 
> not be able to see not to mention edit..
> 
>> Apologies if I'm coming across as dense or pedantic -- I'm just a 
>> little confused.
>>
>> Pm
>>
>>
> 
> Sorry, the confusion is probably rubbing off from me.
> 

Say I create two user accounts on the Site.AuthUser page. Is this just 
saying that a user will be authenticated by entering the correct id and 
password pair via  [[Login -> Site.AuthUser?action=login]] ? That has 
nothing to say if they are able to either read\edit\attr to any 
page\group on the site wide? It just says that I have the correct person 
for that ID and password combination?

I do not want to control access to pages by login or to the entire site. 
I want to do it at the Groups level. Of which I get confused when it 
talks about "Organizing accounts into groups". What are @writers, 
@editors and @admins groups. Are these special pmWiki arrays? I am 
speaking about groups like Site. or pmWiki. and my own groups.

OK so now I have an authenticated user. By adding entry below in to the 
config.php I am letting these authenticated user edit anything on the site?

     $DefaultPasswords['edit'] = 'id:User1,user2';

How do I authorized a user to any one or more wiki groups based on their 
Site.AutherUser id and password?  Do I have to add all of the passwords 
for users to the GroupAttributes to do what ever to a particular group. 
Since they authenticated then the password can be passed to the group so 
the group authorizes read, edit and attr based on that password?

Look at an example of a login form in the documentation. How do I post 
the password and ID name to Site.AuthUser for authentication. How do I 
handle the error if not authorized by say a misspelling or what ever?

Example from Docs:

(:input form Site.AuthUser?action=login:)
(:input hidden action login:)
||(:input text username:)    ||
||(:input password password:)||
||(:input submit value="Log In":)|| ||
(:input end:)

Hope my questions make some sense...

Also under the topic: "Multiple passwords for a page, group or site" 
(http://gistesting.awardspace.com/pmwiki.php/PmWiki/Passwords)I see an 
example:

Set new read password: alpha beta
Set new edit password: beta

Is this some kind of script command format. The previous paragraph told 
me to use ?n=GroupName.GroupAttributes?action=attr and manually enter 
the passwords into the group attribute input fields on that Group page. 
I do  understand the relationship with multiple passwords across the 
read\edit\attr fields on a page\group.

-- 
Thanks in Advance...           http://weconsultants.prophp.org
IchBin, Philadelphia, Pa, USA  http://ichbinquotations.awardspace.com
______________________________________________________________________
'If there is one, Knowledge is the "Fountain of Youth"'
-William E. Taylor, Regular Guy (1952-)

More information about the pmwiki-users mailing list