On Thu, Jan 11, 2007 at 04:56:07PM -0500, The Editor wrote:
> First, on the subscription/unsubscriptions page, I have a page list
> used to check and see which mail lists a member is subscribed to, (the
> page allows them to subscribe/unsubscribe at the click of a
> button--and then is supposed to dynamically reflects those changes):
>
> Current Subscriptions:
> (:pagelist {$Email} group=MailList name=-Template list=normal fmt=#title:)
>
> It works fine as long as they have read permission to the MailList
> group, but when they don't it won't show any subscriptions. The
> reason is not because the pagelist is protected, but rather, I'm
> guessing, because pagelist can't read the target pages to test for the
> search criteria (their email address), all the lists fail.
That's correct. Read permission controls access to the information
about a page -- both its contents and attributes -- so if a
browser isn't authorized to read a page, it can't learn any details
about it other than the name.
Put slightly differently, many people would be unpleasantly
surprised if {$Description}, {$LastModifiedBy}, {$:TextVar},
etc. were available to people who don't have read permission on
a page.
> Any suggestions for making this work?
In the general case, no. I think you're after a finer-grained
level of access control than I had ever contemplated for PmWiki. :-)
> Second, I'm wanting to set up an email authentication system, but not
> sure the best approach.
When in doubt, follow a method that other systems use.
For a newsletter system, I'd aim to do something similar to
what mailing list managers such as mailman do.
Pm
_______________________________________________
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
