[pmwiki-users] Find out password for one page

Patrick R. Michaud pmichaud at pobox.com
Mon Oct 2 15:30:37 CDT 2006


On Mon, Oct 02, 2006 at 10:20:25PM +0200, Mike wrote:
> > Question:  if we did this and if a password is set for a page in 
> > both config.php and its corresponding page, which one should
> > be used?
> 
> my suggestion would be that the pw of the page should be used - so that
> whatever is in config.php serves as a default value.
> 
> Would be a cool feature, at least until the AuthList will be available :-))

Well, I think the AuthList feature will actually be easier to
write (and more useful overall) than per-page and per-group passwords
in config.php.  The reason for this is not that the code is hard,
but more the amount of testing and design verification that has to be
done to make sure any changes to the authorization subsystem don't
introduce new holes or close off existing functionality.

But I'm really liking the idea of group/page password configuration 
in config.php; it would really help answer the needs of people who
want to manage all permissions from a central location (e.g., as 
the Cookbook.UserAuth recipe currently allows).

Now that I think about it, I think I even know an easy way to
implement it that wouldn't interfere with the existing authorization
system.  Hmmmm....

On the downside, this would provide *yet another* way to configure
permissions, and one of the things we already get complaints about
is that PmWiki's permission system is sometimes "too flexible"
and therefore difficult to understand.  Everyone wishes there was 
one clear, straightforward way to do things, but the problem is 
that few people agree on what that "one clear way" should be :-).

Pm




More information about the pmwiki-users mailing list