> Depends what they're allowed to alter. A guestbook
> is a simple example of a part of a site that is usually
> left open to unauthorized input.
OK, this is possible in the new model.
> The real problem here is that the current version obliges
> you to be authenticated as admin to do something as
> simple as create an article, which means that to allow
> the contribution of an outside user, you must authenticate
> as admin and employ a second level of protection to control
> access.
This is not fully correct: to add topics/articles to a topic
tree you need to be member of the owning group _or_ admin. But
in order to verify that you're a member of said group you still
need to authenticate yourself.
> At the moment, I'm not sure how this could be implemented in
> a sane way... any ideas?
ATM I'd use direct access on the database (effectively bypassing
Midgards'
access controls).
emile
--
This is The Midgard Project's mailing list. For more information,
please visit the project's web site at http://www.midgard-project.org
To unsubscribe the list, send an empty email message to address
[EMAIL PROTECTED]
