Hi Mart, yes it makes sense...
do you know if there is any way to add some logic into the wiki pages ? I was thinking of adding some authorization logic straight into the pages.... On Thu, Feb 24, 2011 at 8:30 AM, mart <[email protected]> wrote: > Hi Sebastian, > > sorry for the wait (crazy day). So, I remember a few things now... but > first > > so this is how its setup for @ work: > > I have 3 groups (or roles setup); > > 1. editor (can edit stuff) > 2. tableadmin (can edit tables) > 3. RM (just for me and my team) > > > > so to make sure, I made a dummy app and stated from scratch. here are > the steps (an comments) > > > 3 users: Me, fred flintstone, and barney ruble > > there are 2 groups: editor (can edit wiki pages) > admin (can edit tables) > > steps I took... > > DB administration: > 1. So, there's me, as user 1. :) > 2. I create a group (role) 'editor' (auth_group) > 3. I make myself a member. I go to the (auth_membership) > 4. I create user 2, fred flintstone > 5. Fred should edit tables, so he now a member of group 'admin' > 6. I create user barney ruble > 7. barney is just a user, so no groups for him > > set up the pages 3 pages: > 1. page:Home (Active & Public - group editor has the role) > * we can all see it, bit only an editor can change the content. > > 2. page:tables (Active & private - group admin) > * I can not set the to group admin, because I am not a member > * I log in as fred, and set it to role 'admin' *fred is good with > that > * log back in as me > * page:tables gives me a error 404 (as expected) > * I can see and edit home (good as expected) > 3. page: request (Active & private) privilege goes to "editor" (user > 1, me, is good. He can see and edit > > Linking to pages outside of wiki. ANyone can link to pages outside of > wiki, except if I do this some of these things: > @auth.requires_membership('admin') > > If I set that above <app>/<controller>/tables() function, will give me > a 404 error (even f I am editor. So I fix it: <app>/<controller>/ > tables with @auth.requires_membership('editor.') > > If I log in as Barney, I can not see or not edit page:Tables & > page:rRequest (but Barney can see the menu items). TO make Barney > blind to them, I think you can uncheck the "Active" option (now no one > can see it, but if we leave the roles in place, those who can edit, > can type in the URL, and will get to the page that way. THose who can > not, will not see or hope to edit the page.... > > > Hope this helps (and makes any sense at this hour) :) > > > On Feb 23, 9:31 am, mart <[email protected]> wrote: > > I'll log to work and check how exactly things are setup and let you > > know. all seems to be working on this end - except that I let users > > not logged in get that 404 exception... I'll let you know > > shortly :) > > > > Mart :) > > > > On Feb 23, 6:08 am, "Sebastian E. Ovide" <[email protected]> > > wrote: > > > > > > > > > > > > > > > > > Hi Mart, > > > > > On Wed, Feb 23, 2011 at 12:06 AM, Mart <[email protected]> wrote: > > > > > > So, I notice I skipped something... So the I meant to say... Yuu > create a > > > > "group" called 'editor', then give the users that who should be able > to > > > > edit, a membership to group editor (from table auth_memebership --> > pull > > > > down menu, choose the users one at a time). > > > > > yes, that is what I did... but I've assigned a role "editor" manually > (that > > > I should not) > > > > > > This will give some the 'editor' privilege, and other will have > read... > > > > as for your 3rd option, you have the choice... either bloc access > > > > completely, if not logged in, or create a "users" group,add a > membership to > > > > those who should read. Anybody else should fall in 404 error. > > > > > still not working... > > > > > basically what I did was: > > > 1) assign role "users" to the page (so that users part of the group > "users" > > > can READ it) > > > 2) make it private (so that anonymous cannot read it) > > > 3) add the editors users to the "editor" group AND also to the "users" > group > > > (so that editors can EDIT and READ it) > > > > > but what I get is > > > > > 1) ??: users (belonging to the group "users") cannot reach the page: > 404 NOT > > > FOUND > > > 2) partially OK: anonymous cannot reach the page. Forwarded to login > page > > > but after that they are NOT forwarded to the wiki page > > > 3) OK: editor can READ and EDIT page > > > > > what I'm doing wrong ? > > > > > > On 2011-02-22, at 6:13 PM, Sebastian E. Ovide wrote: > > > > > > Hey Mat, > > > > > > I've did a couple of experiments and found some add behaviour.. > > > > > > so I've created a group "editor" and created two users: "editor" and > > > > "user". The user "editor" belongs to "editor" and the user "user" > doesn't. > > > > Then I've created 4 pages with different configurations and observed > how the > > > > wiki behaved: > > > > > > the user editor can always READ/WRITE > > > > > > 1) public, role=null > > > > anonymous can READ > > > > user can READ > > > > > > 2) public, role=editor > > > > anonymous: 404 NOT FOUND > > > > user: 404 NOT FOUND > > > > > > 3) private, role=null > > > > anonymous: asked for login/password => after login forward to index > (no > > > > wiki) > > > > user: 404 NOT FOUND > > > > > > 4) private, role=editor > > > > anonymous: asked for login/password => after login forward to index > (no > > > > wiki) > > > > user: 404 NOT FOUND > > > > > > 5) unexciting page > > > > anonymous: asked for login/password => after login forward to index > (no > > > > wiki) > > > > reader: 404 NOT FOUND > > > > > > so how can I create a page (if it is already possible with the > current > > > > version) that can be EDITED by a user in editor, READ by > authenticated > > > > users and hidden to anonymous users ? > > > > > > thanks > > > > > > On Tue, Feb 22, 2011 at 5:55 PM, Martin Senecal < > [email protected]>wrote: > > > > > >> Hey Sebastian, > > > > > >> How are you setting up memberships? > > > > > >> So, I think this is what Massimo intended; > > > > > >> from auth_user table: > > > >> 1 Sebastian > > > >> 2 Pierre > > > >> 3 Guy > > > >> 4 Manon > > > > > >> then, you can go to auth_memebership and create a new membership > called > > > >> 'editor' (notice Massimo uses singlular to define group and table > names - > > > >> just his preference, because it codes nicer ;) ) > > > > > >> once you type your new auth_membership name, you add members form > the > > > >> auth_user table (the drop down points to them already), you just add > the > > > >> ones you want to give 'editor' privileges to. Other users can be > left as is. > > > >> When users loggin, and go to a wiki page where you set the > privileges, the > > > >> wiki will know all about what the logged in user can or can not do. > > > > > >> then in plugin_wiki, > > > > > >> there are those 2 settings > > > >> if "active" then everyone can see it, if not only "editor" > members > > > >> can (but I think everyone can see the menu item regardless). > > > > > >> This should work.. > > > > > >> Also, yes it would nice to manage all those privileges in one spot > and > > > >> have different levels and possible combinations of "rights" vs > "privileges". > > > >> I think otherwise, expanding those permissions would be to use > > > >> auth_permission (if getting started with that, I would suggest > making a copy > > > >> of you app and playing in there to start with - I wish I had ;) ) > > > > > >> Hope it helps > > > > > >> Mart :) > > > > > >> On Tue, Feb 22, 2011 at 12:21 PM, Sebastian E. Ovide < > > > >> [email protected]> wrote: > > > > > >>> Hi Mart, > > > > > >>> that is what I'm trying to do... some editors, some people with > read only > > > >>> access (logged in people) and rest with not any right... still > could not get > > > >>> it work.. > > > > > >>> assigning a user EDITOR to the groups EDITORS and setting a page as > NO > > > >>> public and with role EDITORS will grant access to EDITORS but > nobody will > > > >>> read it (bug here: users wont read it but will be able to open to > editor > > > >>> !!!!) > > > > > >>> I guess that the plug in would need a EDIT ROLE and WRITE ROLE... > > > > > >>> On Tue, Feb 22, 2011 at 4:48 PM, mart <[email protected]> > wrote: > > > > > >>>> I think the idea is to create groups... > > > > > >>>> I.e. > > > >>>> group 'editor' --> can do stuff > > > >>>> group 'users' --> can read stuff > > > > > >>>> But, if the page's permissions are set to "open" & "active", and > you > > > >>>> have yourself in the "editor" group, then you will be able to > edit, > > > >>>> and users will be able to see (without having to create group > "users") > > > > > >>>> At least, that's how its working out for me... > > > > > >>>> Hope it helps, > > > >>>> Mart :) > > > > > >>>> On Feb 22, 11:27 am, "Sebastian E. Ovide" < > [email protected]> > > > >>>> wrote: > > > >>>> > actually only the user that has created the page can see the > menu > > > >>>> PAGE. > > > > > >>>> > so userONE creates a page (public, active, with no roles) ... he > can > > > >>>> see it > > > >>>> > and any other user can see it... but only userONE can see PAGES > from > > > >>>> the > > > >>>> > menu. > > > > > >>>> > if userTWO tries to open /myapp/plugin_wiki/index he will get; > Not > > > >>>> > authorized > > > >>>> > ACCESS DENIED > > > > > >>>> > On Tue, Feb 22, 2011 at 3:53 PM, Sebastian E. Ovide < > > > > > >>>> > [email protected]> wrote: > > > >>>> > > Hi All, > > > > > >>>> > > I've created a public page and as expected I can see it even > if I'm > > > >>>> not > > > >>>> > > logged in. Nevertheless the menu PAGE is not visible if I'm > not > > > >>>> logged in. > > > > > >>>> > > Is it working as expected ? > > > > > >>>> > > thanks > > > > > >>>> > > -- > > > >>>> > > Sebastian E. Ovide > > > > > >>>> > -- > > > >>>> > Sebastian E. Ovide > > > > > >>> -- > > > >>> Sebastian E. Ovide > > > > > > -- > > > > Sebastian E. Ovide > > > > > -- > > > Sebastian E. Ovide > -- Sebastian E. Ovide
