[pmwiki-users] a read-only wiki

mike moller mike.moller at gmail.com
Wed Aug 13 20:36:01 CDT 2008 

Hi Sofia
 here's a "brute force and ignorance" method that I dreamed up to
 secure my public sites to be read only

 # --------------- MM  to suppress editing on public site --------- 19
 jun 06 --------
      $FmtPV['$EditSupressed'] = "'0'";  # ------------ edit mode
 ----------------
 if (!file_exists("local/<filename known only to me>.php"))
    { $HandleActions['edit'] = 'HandleBrowse' ;
          $FmtPV['$EditSupressed'] = "'1'";  # ------------ edit supressed
          $LinkPageCreateFmt = '$LinkText'; # eliminate the links
 non-existent pages on public site -------
          }

 explanation
 1. that group of lines is a local addition to my config.php
 2. the variable $EditSuppressed can be tested for within my pages - I
 mainly use it to suppress some menu items that I don't want to be
 visible on a public site
 3. setting $HandleActions['edit'] prevents the parsing algorithms in
 pmwiki.php (et al) from treating any action as being editable and
 pre-empts those actions into browsing instead.
 4. the last line suppresses those superscripts that indicate
non-existent pages.

 The critical element in all this is that the 'semaphore' file does not
 exist on my public sites so they become read only. On my private
 development/maintenance sites the (dummy) 'semaphore' file is present
 so I can edit stuff, see the hidden menu items and also see the
 non-existent page flags.

 cheers

--
 Mike Moller
 Lallybroch Alpacas
 New Zealand
 www.lallybroch.co.nz




 On 8/14/08, Sofia M <sofiam at gmail.com> wrote:
 > Thanks Randy,
 >  However, I'd like to see all my security 'settings' in one place, so
 >  is there a way to set the same params as in here -
 >
 >  http://www.example.com/pmwiki/pmwiki.php?n=GroupName.GroupAttributes?action=attr
 >
 >  via config.php?
 >
 >  whats' the syntax?
 >
 >  I don't want to set anything via the pages or groups themselves - that
 >  way I'll never remember what is password-protected and what's not,
 >  etc..
 >  I'd prefer to set everything through config.php
 >
 >
 >  Sofia
 >
 >
 >
 >  On Mon, Aug 11, 2008 at 8:52 PM, Randy Brown
<randy at brownragfilms.com> wrote:
 >  > All the info you need should be in
 >  > http://www.pmwiki.org/wiki/PmWiki/AuthUser.
 >  > If you are defining users in config.php, make sure you include the
 >  > authuser.php script after the user configurations.
 >  > Just create a group of editors and another group of administrators (or use
 >  > the built-in admin if you'll never want to share that power). Set your
 >  > default read permissions to @nopass and your default edit attribute and
 >  > upload permissions to your editors group (e.g. @Editors). For
the site group
 >  > end the URL with "?n=Site.GroupAttributes?action=attr" to set the group
 >  > attributes for the Site group so that only the administrator(s)
can edit in
 >  > that group. That should do it. If it doesn't, be specific about what isn't
 >  > working.
 >  > Hope that helps,
 >  >
 >  > Randy
 >  >
 >  >
 >  > On Aug 11, 2008, at 8:23 PM, Sofia M wrote:
 >  >
 >  > Hi all,
 >  > For a week, I've been trying and reading up on how to make our wiki
 >  > 'read only' for the world, and only editable for authorized users.
 >  > I couldn't find one place that listed all of the small things that I
 >  > needed to disable, to password-protect, etc...
 >  > And I still can't get everything to work properly.
 >  >
 >  > Here's the set-up that I'd like:
 >  >
 >  > 1) Everything is visible to 'the world'
 >  > 2) All 'edits', changes in page attributes, page creations, page
 >  > deletions, group additions, in general - any modifications at all -
 >  > are only allowed to a small group of authorized users.
 >  > 3) Authorized users defined in local/config.php, each with their own
 >  > login/password, I've been trying to set that up with authuser
 >  > 4) Any changes to 'Site' group are allowed only for administrator.
 >  >
 >  > Seems like this should be conceptually easy to do, and in my opinion,
 >  > warrants some sort of a instructional manual - the only things I could
 >  > find on pmwiki.org were bits and pieces all in different places
 >  >
 >  > Is there a page somewhere that describes how to make this set-up work?
 >  > Not just 'how to prevent users from deleting pages', or 'how to
 >  > password-protect attribute changes' - but all of this, together, with
 >  > hints on what else I might be missing
 >  >
 >  > thanks,
 >  > Sofia
 >  >
 >  > _______________________________________________
 >  > pmwiki-users mailing list
 >  > pmwiki-users at pmichaud.com
 >  > http://www.pmichaud.com/mailman/listinfo/pmwiki-users
 >  >
 >  >
 >
 >  _______________________________________________
 >  pmwiki-users mailing list
 >  pmwiki-users at pmichaud.com
 >  http://www.pmichaud.com/mailman/listinfo/pmwiki-users
 >


-- 
Mike Moller
Lallybroch Alpacas
New Zealand
www.lallybroch.co.nz

More information about the pmwiki-users mailing list