> The default recipe of common + system could cover everyone and the
> other recipes for specific users, but I haven't tried setting user
> roles, policies as I currently am the only user :-)
Hehe. Till now I was also using TiddlyWeb on my own laptop and ignored
roles and really anything to do with access control.
> I'm hoping something like this will work:
> twanager bag foobar
> {"policy": {"write":["user1","user8", "user11"]}}
> ^D
That looks right to me, but since we're on the topic, the docs on
TiddlyWeb suggest an alternative to the above approach worth
considering. Instead of long lists of user names in policies, roles
can be utilized. I think they provide a clearer way of organizing
access control, and actually prove more flexible and easier to
maintain over time; especially with a changing list of users and a
multitude of bags.
The equivalent of the above using roles I think looks like:
*Add the 3 users to a role, call it 'Contributors'.
twanager adduser user1 password1 Contributors
twanager adduser user8 password8 Contributors
twanager adduser user11 password11 Contributors
*Then add the role to the bag ("R:" indicates a role):
twanager bag foobar
{"policy": {"write":["R:Contributors"]}}
^D
I don't think this makes much difference when dealing with one bag.
But even with two bags the use of roles becomes beneficial. When an
user needs to be added they can be created with one role that gives
them access to any number of bags and recipes, rather than editing the
policy of each bag and/or recipe everytime a new user is added.
Something to note in the docs when adding roles to an existing user:
"When you update an existing user from the command line it is just
like creating the user anew. There is (as yet) no true update
functionality. Because of this, when you add a role to an existing
user (from the command line), you will be resetting their password."
I don't know how regularly roles would be added to users in practice,
but I think having the user's password reset each time is going to be
troublesome.
I ought to warn you what I wrote is not (yet) based on real world
experience, just speculation :)
On Jun 8, 2:24 pm, tony <[email protected]> wrote:
> On Jun 7, 9:22 pm, Oveek <[email protected]> wrote:
>
> > I'm thinking this sort of thing doesn't fit very well in the current
> > policy scheme. It's messier because it seems to venture into the realm
> > of per tiddler permissions. Any ideas how this might be done?
>
> I was wondering about these policy and role settings too as the only
> stage I'm at is making recipes:
>
> $twanager recipe user1
> /bags/system/tiddlers
> /bags/user1/tiddlers
> ^d
> ...
> repeat for usersN
>
> The default recipe of common + system could cover everyone and the
> other recipes for specific users, but I haven't tried setting user
> roles, policies as I currently am the only user :-)
>
> I'm hoping something like this will work:
> twanager bag foobar
> {"policy": {"write":["user1","user8", "user11"]}}
> ^D
>
> Source:http://tiddlyweb.peermore.com/wiki/recipes/docs/tiddlers/How%20do%20I...
>
> Hopefully, someone can post their real world experiences with using
> roles and policies.
>
> Please :-)
>
> Thank you,
> tony
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TiddlyWikiDev" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/TiddlyWikiDev?hl=en
-~----------~----~----~----~------~----~------~--~---
