> > In fact, it seems the Midgard administrator must be
> > authenticated for any of the create functions to work.
> > Is this correct?
>
> Correct. As stated before, the new ACL model will allow you to
> open this up, but usually, wouldn't you explicitly want people
> to be authenticated before they get the possibility to alter
> your site?
Depends what they're allowed to alter. A guestbook
is a simple example of a part of a site that is usually
left open to unauthorized input.
The real problem here is that the current version obliges
you to be authenticated as admin to do something as
simple as create an article, which means that to allow
the contribution of an outside user, you must authenticate
as admin and employ a second level of protection to control
access. At the moment, I'm not sure how this could be
implemented in a sane way... any ideas?
Paul N.
--
This is The Midgard Project's mailing list. For more information,
please visit the project's web site at http://www.midgard-project.org
To unsubscribe the list, send an empty email message to address
[EMAIL PROTECTED]
