Hi Sebastian,
sorry for the wait (crazy day). So, I remember a few things now... but
first
so this is how its setup for @ work:
I have 3 groups (or roles setup);
1. editor (can edit stuff)
2. tableadmin (can edit tables)
3. RM (just for me and my team)
so to make sure, I made a dummy app and stated from scratch. here are
the steps (an comments)
3 users: Me, fred flintstone, and barney ruble
there are 2 groups: editor (can edit wiki pages)
admin (can edit tables)
steps I took...
DB administration:
1. So, there's me, as user 1. :)
2. I create a group (role) 'editor' (auth_group)
3. I make myself a member. I go to the (auth_membership)
4. I create user 2, fred flintstone
5. Fred should edit tables, so he now a member of group 'admin'
6. I create user barney ruble
7. barney is just a user, so no groups for him
set up the pages 3 pages:
1. page:Home (Active & Public - group editor has the role)
* we can all see it, bit only an editor can change the content.
2. page:tables (Active & private - group admin)
* I can not set the to group admin, because I am not a member
* I log in as fred, and set it to role 'admin' *fred is good with
that
* log back in as me
* page:tables gives me a error 404 (as expected)
* I can see and edit home (good as expected)
3. page: request (Active & private) privilege goes to "editor" (user
1, me, is good. He can see and edit
Linking to pages outside of wiki. ANyone can link to pages outside of
wiki, except if I do this some of these things:
@auth.requires_membership('admin')
If I set that above <app>/<controller>/tables() function, will give me
a 404 error (even f I am editor. So I fix it: <app>/<controller>/
tables with @auth.requires_membership('editor.')
If I log in as Barney, I can not see or not edit page:Tables &
page:rRequest (but Barney can see the menu items). TO make Barney
blind to them, I think you can uncheck the "Active" option (now no one
can see it, but if we leave the roles in place, those who can edit,
can type in the URL, and will get to the page that way. THose who can
not, will not see or hope to edit the page....
Hope this helps (and makes any sense at this hour) :)
On Feb 23, 9:31 am, mart <msenecal...@gmail.com> wrote:
> I'll log to work and check how exactly things are setup and let you
> know. all seems to be working on this end - except that I let users
> not logged in get that 404 exception... I'll let you know
> shortly :)
>
> Mart :)
>
> On Feb 23, 6:08 am, "Sebastian E. Ovide" <sebastian.ov...@gmail.com>
> wrote:
>
>
>
>
>
>
>
> > Hi Mart,
>
> > On Wed, Feb 23, 2011 at 12:06 AM, Mart <msenecal...@gmail.com> wrote:
>
> > > So, I notice I skipped something... So the I meant to say... Yuu create a
> > > "group" called 'editor', then give the users that who should be able to
> > > edit, a membership to group editor (from table auth_memebership --> pull
> > > down menu, choose the users one at a time).
>
> > yes, that is what I did... but I've assigned a role "editor" manually (that
> > I should not)
>
> > > This will give some the 'editor' privilege, and other will have read...
> > > as for your 3rd option, you have the choice... either bloc access
> > > completely, if not logged in, or create a "users" group,add a membership
> > > to
> > > those who should read. Anybody else should fall in 404 error.
>
> > still not working...
>
> > basically what I did was:
> > 1) assign role "users" to the page (so that users part of the group "users"
> > can READ it)
> > 2) make it private (so that anonymous cannot read it)
> > 3) add the editors users to the "editor" group AND also to the "users" group
> > (so that editors can EDIT and READ it)
>
> > but what I get is
>
> > 1) ??: users (belonging to the group "users") cannot reach the page: 404 NOT
> > FOUND
> > 2) partially OK: anonymous cannot reach the page. Forwarded to login page
> > but after that they are NOT forwarded to the wiki page
> > 3) OK: editor can READ and EDIT page
>
> > what I'm doing wrong ?
>
> > > On 2011-02-22, at 6:13 PM, Sebastian E. Ovide wrote:
>
> > > Hey Mat,
>
> > > I've did a couple of experiments and found some add behaviour..
>
> > > so I've created a group "editor" and created two users: "editor" and
> > > "user". The user "editor" belongs to "editor" and the user "user" doesn't.
> > > Then I've created 4 pages with different configurations and observed how
> > > the
> > > wiki behaved:
>
> > > the user editor can always READ/WRITE
>
> > > 1) public, role=null
> > > anonymous can READ
> > > user can READ
>
> > > 2) public, role=editor
> > > anonymous: 404 NOT FOUND
> > > user: 404 NOT FOUND
>
> > > 3) private, role=null
> > > anonymous: asked for login/password => after login forward to index (no
> > > wiki)
> > > user: 404 NOT FOUND
>
> > > 4) private, role=editor
> > > anonymous: asked for login/password => after login forward to index (no
> > > wiki)
> > > user: 404 NOT FOUND
>
> > > 5) unexciting page
> > > anonymous: asked for login/password => after login forward to index (no
> > > wiki)
> > > reader: 404 NOT FOUND
>
> > > so how can I create a page (if it is already possible with the current
> > > version) that can be EDITED by a user in editor, READ by authenticated
> > > users and hidden to anonymous users ?
>
> > > thanks
>
> > > On Tue, Feb 22, 2011 at 5:55 PM, Martin Senecal
> > > <msenecal...@gmail.com>wrote:
>
> > >> Hey Sebastian,
>
> > >> How are you setting up memberships?
>
> > >> So, I think this is what Massimo intended;
>
> > >> from auth_user table:
> > >> 1 Sebastian
> > >> 2 Pierre
> > >> 3 Guy
> > >> 4 Manon
>
> > >> then, you can go to auth_memebership and create a new membership called
> > >> 'editor' (notice Massimo uses singlular to define group and table names
> > >> -
> > >> just his preference, because it codes nicer ;) )
>
> > >> once you type your new auth_membership name, you add members form the
> > >> auth_user table (the drop down points to them already), you just add the
> > >> ones you want to give 'editor' privileges to. Other users can be left as
> > >> is.
> > >> When users loggin, and go to a wiki page where you set the privileges,
> > >> the
> > >> wiki will know all about what the logged in user can or can not do.
>
> > >> then in plugin_wiki,
>
> > >> there are those 2 settings
> > >> if "active" then everyone can see it, if not only "editor" members
> > >> can (but I think everyone can see the menu item regardless).
>
> > >> This should work..
>
> > >> Also, yes it would nice to manage all those privileges in one spot and
> > >> have different levels and possible combinations of "rights" vs
> > >> "privileges".
> > >> I think otherwise, expanding those permissions would be to use
> > >> auth_permission (if getting started with that, I would suggest making a
> > >> copy
> > >> of you app and playing in there to start with - I wish I had ;) )
>
> > >> Hope it helps
>
> > >> Mart :)
>
> > >> On Tue, Feb 22, 2011 at 12:21 PM, Sebastian E. Ovide <
> > >> sebastian.ov...@gmail.com> wrote:
>
> > >>> Hi Mart,
>
> > >>> that is what I'm trying to do... some editors, some people with read
> > >>> only
> > >>> access (logged in people) and rest with not any right... still could
> > >>> not get
> > >>> it work..
>
> > >>> assigning a user EDITOR to the groups EDITORS and setting a page as NO
> > >>> public and with role EDITORS will grant access to EDITORS but nobody
> > >>> will
> > >>> read it (bug here: users wont read it but will be able to open to editor
> > >>> !!!!)
>
> > >>> I guess that the plug in would need a EDIT ROLE and WRITE ROLE...
>
> > >>> On Tue, Feb 22, 2011 at 4:48 PM, mart <msenecal...@gmail.com> wrote:
>
> > >>>> I think the idea is to create groups...
>
> > >>>> I.e.
> > >>>> group 'editor' --> can do stuff
> > >>>> group 'users' --> can read stuff
>
> > >>>> But, if the page's permissions are set to "open" & "active", and you
> > >>>> have yourself in the "editor" group, then you will be able to edit,
> > >>>> and users will be able to see (without having to create group "users")
>
> > >>>> At least, that's how its working out for me...
>
> > >>>> Hope it helps,
> > >>>> Mart :)
>
> > >>>> On Feb 22, 11:27 am, "Sebastian E. Ovide" <sebastian.ov...@gmail.com>
> > >>>> wrote:
> > >>>> > actually only the user that has created the page can see the menu
> > >>>> PAGE.
>
> > >>>> > so userONE creates a page (public, active, with no roles) ... he can
> > >>>> see it
> > >>>> > and any other user can see it... but only userONE can see PAGES from
> > >>>> the
> > >>>> > menu.
>
> > >>>> > if userTWO tries to open /myapp/plugin_wiki/index he will get; Not
> > >>>> > authorized
> > >>>> > ACCESS DENIED
>
> > >>>> > On Tue, Feb 22, 2011 at 3:53 PM, Sebastian E. Ovide <
>
> > >>>> > sebastian.ov...@gmail.com> wrote:
> > >>>> > > Hi All,
>
> > >>>> > > I've created a public page and as expected I can see it even if I'm
> > >>>> not
> > >>>> > > logged in. Nevertheless the menu PAGE is not visible if I'm not
> > >>>> logged in.
>
> > >>>> > > Is it working as expected ?
>
> > >>>> > > thanks
>
> > >>>> > > --
> > >>>> > > Sebastian E. Ovide
>
> > >>>> > --
> > >>>> > Sebastian E. Ovide
>
> > >>> --
> > >>> Sebastian E. Ovide
>
> > > --
> > > Sebastian E. Ovide
>
> > --
> > Sebastian E. Ovide
