[pmwiki-users] How to determine if a page requires a valid user id or a shared password?

Peter Bowers pbowers at pobox.com
Wed Oct 20 02:10:54 CDT 2010 

On Tue, Oct 19, 2010 at 8:13 PM, Lars Grau <mail at larsgrau.de> wrote:
> How can I determine by ConditionalMarkup if the requested page action requires ...
>
> - a) admin rights (and hence render username AND password field) or
> - b) a valid id (and hence render username AND password field) or
> - c) a shared password  (and hence render the password field ONLY)
> - d) a shared password OR a valid id  (and hence render username AND password field)
>
> ... according to the given action (browse/edit/upload/attr) ?
...
> How do I fill the {$RequiredPagePermission} condition ???

It's going to get more complicated before it gets solved...  The
problem is you have to deal with cascading authorization,
authorizations from various sources (page, group, config.php), etc.

I believe you can fill in {$RequiredPagePermission} using code similar
to this in config.php (assuming we completely ignore any passwords
from group and making a bunch of other assumptions):

===(snip - untested)===
$FmtPV['$RequiredPagePermission'] =
'GetRequiredPagePermission($pagename, $page)';
function GetRequiredPagePermission($pagename, $page)
{
   global $action;
   if ($action == 'edit') $tmppass = $page['passwdedit'];
   else $tmppass = $page['passwdread'];  // ignoring other actions for
simplicity - may not suffice
   if (!$tmppass) {
      if ($action == 'edit')
         $tmppass = $DefaultPasswords['edit'];
      else
         $tmppass = $DefaultPasswords['read']; // again, ignoring other actions
   }
   if (!$tmppass || strpos($tmppass, '@nopass') !== FALSE) return '';
// blank if no password
   elseif (strpos($tmppass, 'id:*') !== FALSE)
      return 'id:*';
   elseif (strpos($tmppass, 'id:') !== FALSE)
      return 'id';
   elseif (strpos($tmppass, '@lock') !== FALSE || strpos($tmppass,
'@_site_admin') !== FALSE)
      return 'admin';
   else
      return 'passwd';
}
===(snip)===

The more I look at it the less it seems to work in the "real world"
without a lot more coding to deal with other issues, but maybe it'll
get you started in the right direction?  Also I'm not sure if $page is
going to be available...?

You might also look at http://www.pmwiki.org/wiki/Cookbook/OpenPass to
see some related types of actions there...

Hope that helps.

-Peter

More information about the pmwiki-users mailing list