This scenario is explicitly supported. I suspect that your problem arises from the permissions you grant at either namespace or wiki level. Note that the default wiki permissions are to grant full permissions to everyone. Since the evaluation model is to traverse wiki-namespace-topic and evaluate the rules in order, an early grant with no later denies can wind up leaving the wiki fully open.
Here's what I'd put in a topic if I wanted to make sure every authenticated user could read it, no anonymous users could read it, and only I could edit it: :DenyRead: all :AllowRead: authenticated :AllowEdit: user:candera Note that order is important: if you put the DenyRead at the end, that's the last rule evaluated, and so everything is denied to everyone. Unlike some authorization schemes, all of the rules are always evaluated, and the last one always wins. The one that puzzles me is your case 3. That one should work the way you expect it to. The only thing I can think of is that the username isn't actually davidson.jw2. > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:flexwiki- > [EMAIL PROTECTED] On Behalf Of John Davidson > Sent: Thursday, June 28, 2007 7:05 PM > To: FlexWiki Users Mailing List > Subject: [Flexwiki-users] Topic-level Authorization Question > > I have been able to work my way through a number of topic-level > authorization scenarios, but seem unable to make a critical one I need > work correctly. > > I want every authenticated user to be able to read the topic. I want > only a single, specified user to be able to write the topic. > > (I am using hidden properties) > > Case 1 > > :AllowRead: authenticated > :AllowEdit: user:davidson.jw2 > > With the above settings the user:administrator is able to edit the > file (and should not be able to do so - my expectation?). > > When the settings are changed to - > > Case 2 > > :AllowRead: authenticated > :DenyEdit: all > > no users are able to edit > > Case 3 > > Case 2 > > :AllowRead: authenticated > :DenyEdit: all > :AllowEdit: user:davidson.jw2 > > no users are able to edit > > Is there any way, at the topic level to set one page in a namespace to > be editable by only user a and a second topic in the same namespace by > only user b? > > John Davidson > > ----------------------------------------------------------------------- > -- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > Flexwiki-users mailing list > Flexwiki-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/flexwiki-users ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Flexwiki-users mailing list Flexwiki-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/flexwiki-users
