[pmwiki-users] Posting Permission Patterns

The Editor editor at fast.st
Fri May 4 12:49:55 CDT 2007 

On 5/4/07, Hans <design5 at softflow.co.uk> wrote:
> I am trying to develop a good set of default patterns
> for pagenames for which posting can be allowed or prohibited by
> default. These could be changed or expanded by the admin, but should
> give a useful default.
>
> I think the following may be a useful default set, and invite you to
> comment on the choices, tell me your own preferences or what you would
> like to see as a standard default permission set:
>
>  '-$SiteGroup.*'       // no posting to pages in SiteGroup
>  '-PmWiki.*'           // no posting to pages in PmWiki group
>  '-*.GroupFooter'      // no posting to GroupFooter
>  '-*.GroupHeader'      // no posting to GroupHeader
>  '-*.GroupAttributes'  // no posting to GroupAttributes
>
> I am thinking of removing all 'allowed to post to' page patterns,
> and leave some as commented out examples an admin might wish to
> include:
>
> /*
>  // examples of page permission patterns:
>  '*.*',                // all pages in all groups except pages excluded as prohibited pages
>  'Comments.*'          // all pages in Comments group
>  'Comments.{$Group}-{$Name}' //pages in Comments group with name 'Group-Name'
>  '*.{$Name}-Comment'   // pages with -Comment prefix in any group
>  '{$FullName}-Talk'    // page with -Talk prefix in current group
>  '{$FullName}-Discuss' // page with -Discuss prefix in current group
>
>  // the following patterns for 'current page' and 'current group'
>  // could be exploited to post to edit protected pages
>  '{$Group}.{$Name}',    // current page
>  '{$Group}.*',          // all pages in current group
> */
>
> This will leave a default setup for maximum protection.
> It is up to the admin to loosen the restrictions.
> What do you think?


Thanks for starting this thread. It would be good to develop a
consensus.  I might suggest the following exclusions:

*.SideBar
*.Header
*.Footer
*.Group* (in place of the three you have)

Consider allowing posting to the same page by default.  I opted
against any enabled patterns, but am still waivering as it allows so
many useful things in ZAP that I suspect are mostly benign...

Just thoughts.  Please share your conclusion to the list.

Cheers,
Dan

More information about the pmwiki-users mailing list