[pmwiki-users] upload page permissions...
adam overton
a at plus1plus1plus.org
Wed Jun 18 18:19:57 CDT 2008
hi
i'm trying to allow users with 'edit' permissions to upload files to
their pages.
this is my current set of permissions for the site:
$DefaultPasswords['admin'] = crypt('adminPwd'); // sets the admin
password
$DefaultPasswords['edit'] = crypt('defaultPwd'); // sets the
password to edit all pages on the entire site
$AuthCascade['upload'] = 'edit'; // if you can edit, then you can
upload
and then i have given users the ability to change their permissions
for the groups that they create and have edit privileges:
($group!="PmWiki") ) {
$AuthCascade['attr'] = 'edit'; // if you can edit, then you can
set attr
} else {
$AuthCascade['attr'] = 'admin'; // for all main Site place, set
'attr' to 'admin' password
}
this DOES allow an edit-user to upload files (for instance, users are
quite able at the moment to use the various fabulous upload recipes
available). however, for some reason users right now are unable to
access the ?action=upload page (a password is requested, and the edit
password doesn't work!!). in addition, when using attachlist, after
renaming a file (or any of the other actions), the user is redirected
to a password-request page, instead of to the appropriate upload
"success" page.
i discovered that if i assign an upload-password, everything works
fine - no password requests:
$DefaultPasswords['upload'] = crypt('defaultPwd'); // sets the
password to edit all pages on the entire site
but i'd rather have the user only set their edit password, and
thought that using the AuthCascade assignment above would pass
uploading privileges on to the edit-user. it seems to be doing that
correctly for the attr privileges...
am i doing this incorrectly? is there a better approach?
thanks in advance for the help,
adam
More information about the pmwiki-users
mailing list