[pmwiki-users] edit perms in Profiles

[noskule]

H. Fox schrieb:
> On 7/3/07, noskule <noskule at gmx.net> wrote:
>> H. Fox schrieb:
>> > On 7/3/07, noskule <noskule at gmx.net> wrote:
>> >> hi list
>> >> is there a way to limit edit permission in the profiles group only for
>> >> pages with the same name as the authors name, ie
>> >>
>> >> UserA can only edit Profiles.UserA but not Profiles.UserB
>> >
>> > Try this local/Profiles.php script:
>> >
>> >   <?php if (!defined('PmWiki')) exit();
>> >   ## Author's name must match the page name in order to edit.
>> >   if ($action == 'edit' && ! CondAuth(@$pagename, 'admin')) {
>> >     @include_once($FarmD.'/scripts/author.php');
>> >     if ($Author && $Author != @PageVar($pagename, '$Name')) {
>> >       $action='browse'; }
>> >   }
>> >
>> > Hagan
>> >
>>
>> hi hagan
>> thanks for the snipset, this basically work, but there is an issue. If a
>> user tries to edit a other users profiles page it doesn't show a  "don't
>> have permission" message with the login screen but shows the page.
>> That's not to bad, but also the if directive dosn't work (:if auth
>> edit:) is true on every profiles page.
> 
> I'm sure there is, but I don't know how.  Originally I tried something
> like this in config.php
> 
>   @include_once($FarmD.'/scripts/author.php');
>   if ($Author != @PageVar($pagename, '$Name')) {
>     $DefaultPasswords['edit'] = '*'; }
> 
> thinking it would lock the page, but pages wouldn't lock for some reason.
> 
> These conditionals might be useful:
> 
>   (:if equal {$Author} {$Name}:)
>   (:if ! equal {$Author} {$Name}:)
> 
> See also http://www.pmwiki.org/wiki/PITS/00538
> 
> Hagan
> 

hi hagan
I changed the part:
  $action='browse'
to:
  $action='login'

this seams to work. The only thing i see is a missing cancel button so
the user gets back to the page if he sees that he hasn't edit perms.

what you think?
grz nos