Re: [pmwiki-users] Limiting Group access via AuthUser groups
Thanks, Petko, seems to work great!
-Michael Paulukonis
http://www.xradiograph.com
http://goog_2112721603Interference Patterns (a
blog)http://www.xradiograph.com%5Cinterference
@XraysMonaLisa https://twitter.com/XraysMonaLisa
http://michaelpaulukonis.com
http://www.BestAndroidResources.com
Sent from somewhere in the Cloud
(hearthrug, by the fender)
On Thu, Oct 31, 2013 at 4:57 PM, Petko Yotov 5...@5ko.fr wrote:
michael paulukonis writes:
Is there a programmatic way to restrict group access?
I'm setting up a wiki for others to maintain, who will be creating users
and Groups.
Each Group should be restricted to one AuthUser group.
Ideally, the AuthUser group would have the same name as the Group.
This would mean that once a Group is created and users are added to the
AuthUser group, no further action would have to be taken by the
administrator.
However, I haven't figured out how to set Group restrictions without
using {Group}.GroupAttributes?**action=attr and manually setting the
group.
Would it be possible to do something like the following in
local/config.php ?
// exclude Groups like PmWiki, Main, etc.
if ($Group != 'Site') {
$DefaultPasswords['read'] = array('@$Group', 'id:admin'); // restrict
to group and admin
}
Something like this may appear to work but it may unexpectedly create read
permissions, for example via (:include...:) or via Page(Text)Variables. A
user in one Group may use (:include OtherGroup.MainPage:) and see the
rendered HTML of that OtherGroup.
It is best to enter the user group in the GroupAttributes?action=attr
page, or to programmatically create these pages.
See the recipe
http://www.pmwiki.org/wiki/**Cookbook/AutoGroupPageshttp://www.pmwiki.org/wiki/Cookbook/AutoGroupPages.
You can insert inside that function something like:
$group = FmtPageName('{$Group}', $pagename);
$template = ReadPage('Templates.**GroupAttributes');
$template['passwdread'] = @$group; # or strtolower(@$group);
$template['passwdedit'] = @$group;
$template['passwdattr'] = @$group;
WritePage($group.**GroupAttributes, $template);
See also
http://www.pmwiki.org/wiki/**PmWiki/EditVariables#**AutoCreatehttp://www.pmwiki.org/wiki/PmWiki/EditVariables#AutoCreatewhich
may potentially be of use.
Petko
__**_
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/**mailman/listinfo/pmwiki-usershttp://www.pmichaud.com/mailman/listinfo/pmwiki-users
___
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] Limiting Group access via AuthUser groups
michael paulukonis writes:
Is there a programmatic way to restrict group access?
I'm setting up a wiki for others to maintain, who will be creating users and
Groups.
Each Group should be restricted to one AuthUser group.
Ideally, the AuthUser group would have the same name as the Group.
This would mean that once a Group is created and users are added to the
AuthUser group, no further action would have to be taken by the
administrator.
However, I haven't figured out how to set Group restrictions without using
{Group}.GroupAttributes?action=attr and manually setting the group.
Would it be possible to do something like the following in local/config.php ?
// exclude Groups like PmWiki, Main, etc.
if ($Group != 'Site') {
$DefaultPasswords['read'] = array('@$Group', 'id:admin'); // restrict to
group and admin
}
Something like this may appear to work but it may unexpectedly create read
permissions, for example via (:include...:) or via Page(Text)Variables. A
user in one Group may use (:include OtherGroup.MainPage:) and see the
rendered HTML of that OtherGroup.
It is best to enter the user group in the GroupAttributes?action=attr page,
or to programmatically create these pages.
See the recipe http://www.pmwiki.org/wiki/Cookbook/AutoGroupPages . You can
insert inside that function something like:
$group = FmtPageName('{$Group}', $pagename);
$template = ReadPage('Templates.GroupAttributes');
$template['passwdread'] = @$group; # or strtolower(@$group);
$template['passwdedit'] = @$group;
$template['passwdattr'] = @$group;
WritePage($group.GroupAttributes, $template);
See also http://www.pmwiki.org/wiki/PmWiki/EditVariables#AutoCreate which
may potentially be of use.
Petko
___
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
[pmwiki-users] Limiting Group access via AuthUser groups
[since the two words are identical, I will be using an uppercase Group to
refer to PmWiki Groups of pages, and use a lowercase group to refer to
AuthUser groups of users]
Is there a programmatic way to restrict group access?
I'm setting up a wiki for others to maintain, who will be creating users
and Groups.
Each Group should be restricted to one AuthUser group.
Ideally, the AuthUser group would have the same name as the Group.
This would mean that once a Group is created and users are added to the
AuthUser group, no further action would have to be taken by the
administrator.
However, I haven't figured out how to set Group restrictions without using
{Group}.GroupAttributes?action=attr and manually setting the group.
Would it be possible to do something like the following in local/config.php
?
// exclude Groups like PmWiki, Main, etc.
if ($Group != 'Site') {
$DefaultPasswords['read'] = array('@$Group', 'id:admin'); // restrict to
group and admin
}
I believe I tried the above and it didn't work (I'm away from my dev
machine right now).
If something like this is possible, could it easily be extended to add
additional users or groups via GroupAttributes without modifying config.php?
-Michael Paulukonis
http://www.xradiograph.com
http://goog_2112721603Interference Patterns (a
blog)http://www.xradiograph.com%5Cinterference
@XraysMonaLisa https://twitter.com/XraysMonaLisa
http://michaelpaulukonis.com
http://www.BestAndroidResources.com
Sent from somewhere in the Cloud
(hearthrug, by the fender)
___
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] Limiting Group access via AuthUser groups
On Oct 30, 2013, at 8:23 AM, michael paulukonis xraysmalev...@gmail.com wrote:
[since the two words are identical, I will be using an uppercase Group to
refer to PmWiki Groups of pages, and use a lowercase group to refer to
AuthUser groups of users]
Is there a programmatic way to restrict group access?
I'm setting up a wiki for others to maintain, who will be creating users and
Groups.
Each Group should be restricted to one AuthUser group.
Ideally, the AuthUser group would have the same name as the Group.
This would mean that once a Group is created and users are added to the
AuthUser group, no further action would have to be taken by the administrator.
However, I haven't figured out how to set Group restrictions without using
{Group}.GroupAttributes?action=attr and manually setting the group.
Would it be possible to do something like the following in local/config.php ?
// exclude Groups like PmWiki, Main, etc.
if ($Group != 'Site') {
$DefaultPasswords['read'] = array('@$Group', 'id:admin'); // restrict to
group and admin
}
I believe I tried the above and it didn't work (I'm away from my dev machine
right now).
If something like this is possible, could it easily be extended to add
additional users or groups via GroupAttributes without modifying config.php?
-Michael Paulukonis
Not really sure if this is an answer, and I’ve not even tried this, but:
// exclude Groups like PmWiki, Main, etc.
if ( ! in_array($Group, array($SiteGroup, $SiteAdminGroup, 'PmWiki',
$DefaultGroup ) {
$group = strtolower($Group); // to refer to AuthUser group associated with
PmWiki Group?
$DefaultPasswords['read'] = array(@$group, 'id:admin'); // restrict to
group and admin. Interpolate?
}
I think you’ll want the AuthUser group here, so down case the PmWIki Group.
Also, I think you want that interpolated immediately in the assignment for
DefaultPasswords, no?
Also, the in_array thingie for checking might be a touch more robust using the
variables…
Again, just off the cuff, not tried it.
___
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] Limiting Group access via AuthUser groups
Thanks, Tamara.
Something is happening well beyond my php-fu (which is so low I don't even
have a belt).
The negative case is ALWAYS true.
Even, say in the Main or PmWiki groups.
I've dumped the array and variables to the page to check -- and it sure
looks to _me_ like the $Group should be found in the array, but PHP is
telling me it ain't so.
???
-Michael Paulukonis
http://www.xradiograph.com
http://goog_2112721603Interference Patterns (a
blog)http://www.xradiograph.com%5Cinterference
@XraysMonaLisa https://twitter.com/XraysMonaLisa
http://michaelpaulukonis.com
http://www.BestAndroidResources.com
Sent from somewhere in the Cloud
(hearthrug, by the fender)
On Wed, Oct 30, 2013 at 8:52 PM, Tamara Temple tamouse.li...@gmail.comwrote:
On Oct 30, 2013, at 8:23 AM, michael paulukonis xraysmalev...@gmail.com
wrote:
[since the two words are identical, I will be using an uppercase Group
to refer to PmWiki Groups of pages, and use a lowercase group to refer to
AuthUser groups of users]
Is there a programmatic way to restrict group access?
I'm setting up a wiki for others to maintain, who will be creating users
and Groups.
Each Group should be restricted to one AuthUser group.
Ideally, the AuthUser group would have the same name as the Group.
This would mean that once a Group is created and users are added to the
AuthUser group, no further action would have to be taken by the
administrator.
However, I haven't figured out how to set Group restrictions without
using {Group}.GroupAttributes?action=attr and manually setting the group.
Would it be possible to do something like the following in
local/config.php ?
// exclude Groups like PmWiki, Main, etc.
if ($Group != 'Site') {
$DefaultPasswords['read'] = array('@$Group', 'id:admin'); // restrict
to group and admin
}
I believe I tried the above and it didn't work (I'm away from my dev
machine right now).
If something like this is possible, could it easily be extended to add
additional users or groups via GroupAttributes without modifying config.php?
-Michael Paulukonis
Not really sure if this is an answer, and I’ve not even tried this, but:
// exclude Groups like PmWiki, Main, etc.
if ( ! in_array($Group, array($SiteGroup, $SiteAdminGroup, 'PmWiki',
$DefaultGroup ) {
$group = strtolower($Group); // to refer to AuthUser group associated
with PmWiki Group?
$DefaultPasswords['read'] = array(@$group, 'id:admin'); // restrict to
group and admin. Interpolate?
}
I think you’ll want the AuthUser group here, so down case the PmWIki
Group. Also, I think you want that interpolated immediately in the
assignment for DefaultPasswords, no?
Also, the in_array thingie for checking might be a touch more robust using
the variables…
Again, just off the cuff, not tried it.
___
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] Limiting Group access via AuthUser groups
somehow, $Group is not the same as $DefaultGroup, even when both hold the
string Main
-Michael Paulukonis
http://www.xradiograph.com
http://goog_2112721603Interference Patterns (a
blog)http://www.xradiograph.com%5Cinterference
@XraysMonaLisa https://twitter.com/XraysMonaLisa
http://michaelpaulukonis.com
http://www.BestAndroidResources.com
Sent from somewhere in the Cloud
(hearthrug, by the fender)
On Wed, Oct 30, 2013 at 11:33 PM, michael paulukonis
xraysmalev...@gmail.com wrote:
Thanks, Tamara.
Something is happening well beyond my php-fu (which is so low I don't even
have a belt).
The negative case is ALWAYS true.
Even, say in the Main or PmWiki groups.
I've dumped the array and variables to the page to check -- and it sure
looks to _me_ like the $Group should be found in the array, but PHP is
telling me it ain't so.
???
-Michael Paulukonis
http://www.xradiograph.com
http://goog_2112721603Interference Patterns (a
blog)http://www.xradiograph.com%5Cinterference
@XraysMonaLisa https://twitter.com/XraysMonaLisa
http://michaelpaulukonis.com
http://www.BestAndroidResources.com
Sent from somewhere in the Cloud
(hearthrug, by the fender)
On Wed, Oct 30, 2013 at 8:52 PM, Tamara Temple tamouse.li...@gmail.comwrote:
On Oct 30, 2013, at 8:23 AM, michael paulukonis xraysmalev...@gmail.com
wrote:
[since the two words are identical, I will be using an uppercase
Group to refer to PmWiki Groups of pages, and use a lowercase group to
refer to AuthUser groups of users]
Is there a programmatic way to restrict group access?
I'm setting up a wiki for others to maintain, who will be creating
users and Groups.
Each Group should be restricted to one AuthUser group.
Ideally, the AuthUser group would have the same name as the Group.
This would mean that once a Group is created and users are added to the
AuthUser group, no further action would have to be taken by the
administrator.
However, I haven't figured out how to set Group restrictions without
using {Group}.GroupAttributes?action=attr and manually setting the group.
Would it be possible to do something like the following in
local/config.php ?
// exclude Groups like PmWiki, Main, etc.
if ($Group != 'Site') {
$DefaultPasswords['read'] = array('@$Group', 'id:admin'); // restrict
to group and admin
}
I believe I tried the above and it didn't work (I'm away from my dev
machine right now).
If something like this is possible, could it easily be extended to add
additional users or groups via GroupAttributes without modifying config.php?
-Michael Paulukonis
Not really sure if this is an answer, and I’ve not even tried this, but:
// exclude Groups like PmWiki, Main, etc.
if ( ! in_array($Group, array($SiteGroup, $SiteAdminGroup, 'PmWiki',
$DefaultGroup ) {
$group = strtolower($Group); // to refer to AuthUser group associated
with PmWiki Group?
$DefaultPasswords['read'] = array(@$group, 'id:admin'); // restrict
to group and admin. Interpolate?
}
I think you’ll want the AuthUser group here, so down case the PmWIki
Group. Also, I think you want that interpolated immediately in the
assignment for DefaultPasswords, no?
Also, the in_array thingie for checking might be a touch more robust
using the variables…
Again, just off the cuff, not tried it.
___
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
