[dokuwiki] Re: Prevent overwrite of mediafiles (was: Planned features for DokuWiki)
- From: Matthias Grimm <matthiasgrimm@xxxxxxxxxxxxxxxxxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Sat, 4 Jun 2005 12:00:35 +0200
On Fri, 3 Jun 2005 23:09:57 +0200
Andreas Gohr <andi@xxxxxxxxxxxxxx> wrote:
> I think such things should be checked at the server side. I thought about it
> and extended the ACL mechanism a little bit.
>
> We now have UPLOAD and DELETE permissions (the latter one includes the former
> as always). Now only users with DELETE permission are allowed to overwrite
> existing mediafiles (and as additon they can delete them as well). Overwrite
> protection was added with a simple checkbox.
Nice. :-) I like it. It is more in line with DokuWiki design than my patch.
But no light without shadow: To allow a user to overwrite media files is
dangerous enough, but also to allow them to _delete_ media files is like
to commit suicide. Particular because the references to the media file
are not checked first.
There are two options to solve this dilemma:
1. to split the DELETE permission up into two:
OVERWRITE : media files might be overwritten
DELETE : media files may also be deleted (usually for admins only).
and make the admin responsible for checking references or
2. automatically check existing references to the media file and deny to
delete it if there are still some. This could be done with the built-in
search function. This function could also be used to show the user where
these references are.
Please tell me which one do you prefer.
Best Regrads
Matthias
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
Other related posts:
