On Fri, Mar 30, 2007 at 10:14:34PM -0500, Patrick R. Michaud wrote:
> On Fri, Mar 30, 2007 at 10:32:21PM -0400, Scott Connard wrote:
> > 4. Pm: Are you considering a Publish password so that publishers are
> > given special permissions via a password attr (including id and
> > groups in AuthUser)?
Rethinking a bit... the three (not two) approaches in my previous message
were:
1. Introduce a "publish" authorization level, so that "edit" authorization
is sufficient to create and update drafts, and "publish" is required to
save to the original page.
2. Introduce a "draft" authorization level, so that "edit" authorization
is required to save to the original page, and "draft" is sufficient to
create or update drafts.
3. Use a third central page that uses its edit password to define "publish
authority" for other pages.
I'm now leaning away from #3 as being too far outside the norm for the
way PmWiki handles other things, and towards either #1 or #2.
Assuming we go with #1 (introduce 'publish'), an admin wanting
full moderation on a site would do:
$EnableDrafts = 1;
$DefaultPassword['publish'] = crypt('secret');
This allows anyone with edit privileges to create or update a draft, but
only someone with the 'secret' password would be allowed to save to the
original.
Assuming we go with #2 (introduce 'draft'), an admin wanting
institute full moderation on a site would do:
$EnableDrafts = 1;
$DefaultPassword['edit'] = crypt('publishpassword');
$DefaultPassword['draft'] = '';
This says that edit privileges are required to save to the original page,
while 'draft' privileges (above indicates no password) are needed to create
or update a draft.
Of course, with either approach it would be possible to use GroupAttributes
or individual page attributes to override the default password setting.
Does either approach seem more 'natural'?
Thanks!
Pm
_______________________________________________
pmwiki-users mailing list
[email protected]
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
