On Sat, 04 Jun 2005 12:41:07 +0200 Andreas Gohr <andi@xxxxxxxxxxxxxx> wrote: > Well no I think there is no difference between overwriting and deletion. > Both should be only allowed for adminlike people. Deleting a file is no more > devastating then overwriting a file with garbage. So I see no sense in > splicing the permission system more. Maybe my application is special to this. I once told you that I use DokuWiki in an closed (more or less trusted) environment without connection to the internet. I don't need to think of preventing sabotage but I have to spent a lot of thougthts to prevent accidents because users will usually first click, then think. :-) The Wiki is also used to store various data files (not only images) to describe a certain topic and users must be allowed once and again to update these files. So I can't limit the overwrite feature to admins only. But due to the "click first, think later" thing I had problems to allow them to delete media files without reference check. > > 1. to split the DELETE permission up into two: This was for completeness only. I neither think this solution would last long nor thought seriously of realizing it. > > 2. automatically check existing references to the media file and deny to > > delete it if there are still some. This could be done with the built-in > > search function. This function could also be used to show the user where > > these references are. > > This could make more sense, but may be a large performance overhead again. > How about an additional button to manually check for references? So "Admins" > could check before they delete. The performance overhead could be limited if we only check for references, when the user wants to delete a file. This is similar to the extra check button you suggested but doesn't need an extra button. We don't need any checks if the user doesn't want to delete anything. > So far we went with a very simple permission system for uploads and as far > as I know it did work very well. We now have a little bit more control to > avoid dataloss, but I think we shouldn't exaggerate the whole thing. If one > needs a full blown permission and history system for media files maybe > another wiki engine would be the better choice... I'd like to keep DokuWiki > as simple as possible. I fully agree to this :-) I'm interested in a simple and efficient DokuWiki engine too. My intention is to protect my users against possible consequences of their doings which they can't overlook. Deleting media files and possible broke a lot of references is such a case. I will try to implement such a reference check and then you could decide if it is over-the-top. What do you think? Best Regards Matthias -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist