[dokuwiki] Re: Anti spam / Moderators & Owners

  • From: Andreas Gohr <andi@xxxxxxxxxxxxxx>
  • To: dokuwiki@xxxxxxxxxxxxx
  • Date: Wed, 29 Nov 2006 21:35:16 +0100

>  Personally, I'd be wary of adding even more levels of ACL complexity
> to dokuwiki -- I already spend more time than I'd like fiddling with
> the ACL because people decide some projects are more secret than

I agree with Daniel. I'd like to keep this as simple as possible. So
I'd suggest just a simple $conf['moderators'] option.

Keeping track of creators would need to rely on metadata for security
related stuff. I don't like this idea.

Giving moderators access to parts of the wiki only, would still be
possible with a simple moderators config option. The option should not
(like the superuser option) imply any ACL permissions. It would only
provide acess to certain admin options (like the revert manager), if the
moderator then has the permission to revert a page is only dependend on
the general ACL settings.

Example:

  $conf['moderators']=@moderators

Users (groups):

  joe  (@marketing, @moderators)
  john (@developers, @moderators)

ACL:

  *         @ALL            1     # read
  devel:*   @developers     16    # full access
  sales:*   @marketing      16    # full access


With the above, both john and joe could access the revert manager, but
only john could revert in the devel namespace. 

This should be flexible but simple enough.

Moderators should not have access to the ACL manager.

We should also think about changing the naming from "moderators" to
something like "managers" or something alike, because what I don't want
is a moderation queue (as suggested by Diego)- that's not the Wikiway.

Andi

-- 
http://www.splitbrain.org
-- 
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

Other related posts: