I want to set up our ACL here so that we have the following: everyone can read everything except for namespaces A,B,C,D,E -- for those, people in group G_A (G_B, etc) can edit them all, people in group G1 and G2 can read them, and people in group G3 can edit them all. I was hoping I could do something like this: * @ALL 1 A:* @ALL 0 A:* @G_A 16 B:* @ALL 0 B:* @G_B 16 ... for C,D,E * @G1 1 * @G1 2 * @G3 16 So that we'd let everyone read everything; restrict the namespaces so that only people in the namespace-specific group have full access, then reopen things up so that people in G1/G2 have read access to everything, and G3 has full access everywhere. It doesn't seem to work that way -- instead, I have to do A:* @ALL 0 A:* @G_A 16 A:* @G1 1 A:* @G2 1 A:* @G3 16 .. and then those five lines for B,C,D,E etc. Is there some way to get the ACL to do what I want? One option would be to move namespaces A,B,C,D,E all into one parent namespace and do the G1/G2/G3 restrictions on that namespace, but there's 477 pages in those namespaces and I really don't want to do anything that'll mean I have to check them all by hand.. thanks, -- dan -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist