michael paulukonis writes:
Is there a programmatic way to restrict group access?
I'm setting up a wiki for others to maintain, who will be creating users and
Groups.
Each Group should be restricted to one AuthUser group.
Ideally, the AuthUser group would have the same name as the Group.
This would mean that once a Group is created and users are added to the
AuthUser group, no further action would have to be taken by the
administrator.
However, I haven't figured out how to set Group restrictions without using
{Group}.GroupAttributes?action=attr and manually setting the group.
Would it be possible to do something like the following in local/config.php ?
// exclude Groups like PmWiki, Main, etc.
if ($Group != 'Site') {
$DefaultPasswords['read'] = array('@$Group', 'id:admin'); // restrict to
group and admin
}
Something like this may appear to work but it may unexpectedly create read
permissions, for example via (:include...:) or via Page(Text)Variables. A
user in one Group may use (:include OtherGroup.MainPage:) and see the
rendered HTML of that OtherGroup.
It is best to enter the user group in the GroupAttributes?action=attr page,
or to programmatically create these pages.
See the recipe http://www.pmwiki.org/wiki/Cookbook/AutoGroupPages . You can
insert inside that function something like:
$group = FmtPageName('{$Group}', $pagename);
$template = ReadPage('Templates.GroupAttributes');
$template['passwdread'] = "@$group"; # or strtolower("@$group");
$template['passwdedit'] = "@$group";
$template['passwdattr'] = "@$group";
WritePage("$group.GroupAttributes", $template);
See also http://www.pmwiki.org/wiki/PmWiki/EditVariables#AutoCreate which
may potentially be of use.
Petko
_______________________________________________
pmwiki-users mailing list
[email protected]
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
