[dokuwiki] Re: ACL question
- From: "Daniel Mitchell" <DanielMitchell@xxxxxxxxxxxxx>
- To: <dokuwiki@xxxxxxxxxxxxx>
- Date: Thu, 13 Apr 2006 13:43:33 -0600
> The rule which is more precise has higher priority.
> so here has
> notebook:* @pd 1
> has higher priority than
> * @admins 16
> because
> notebook:* is more precise than *.
Okay, that explains things, so if I want an "admins" group that has
access to everything I do have to add them to every restricted namespace
(or subnamespace, etc).
I'm not sure of a good way to make this less awkward -- Chris's
suggestion:
>However, your problem may argue for an additional ACL group and/or
instruction
>(1) @UNAUTH - group of users who aren't logged in
>(2) !@smartboard - all users who don't belong to group @smartboard
wouldn't quite do the trick, because even if I can say "everyone that's
not in group smartboard has no access to project Foo", that still means
I have to say "... except that "admins" have full access to project
Foo".
I'm more looking for some way to override the hierarchy stuff above --
something like, say:
! * @admins 16
where the initial ! means "this overrides anything else". I think this
would require the ACL stuff to parse the entire ACL file before knowing
what's going on, which may not be how it works right now -- but it would
make the ACL work more like the way it does in the docs. The
http://wiki.splitbrain.org/wiki:acl page makes it sound as if ACL files
start at the top and work their way down until you've looked at every
line. I'll put something in to clarify that, I guess.
-- dan
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
Other related posts:
