[dokuwiki] Re: Group Access Control Management Issue
- From: Guy Brand <gb@xxxxxxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Mon, 6 Sep 2010 23:33:06 +0200
On Sep 03, Joshua Evans wrote:
Hello
> Our wiki has grown substantially large and robust, but we are needing to do
> a security audit of sorts, and some restructuring. I've been asked to find
> out what groups have access to what pages. So far, the only way I've seen to
> do this is to manually go through and check access control management for
> each and every page... it's a nightmare. Is there some way to quickly check
> by group what pages in the wiki they have access to?
I have a simple script calling auth_aclcheck and parsing a page located
in the root namespace of the wiki containing a serie of (page, user,
group) I want to check. Examples:
page;joe;foo;0
pub:page;;;1
secret:*;joe;user;0
First test will fail if joe or group foo has access to the page "page"
Second test will fail if anonymous access is not possible on page "pub"
Third test will fail if joe or group user has access to the namespace "secret"
I'm not sure this fits your need, as you have to write tests (triplets)
in a file before validating them. Of course some scripting can easily
populate the file to match the ACLs you want to check.
I haven't build a plugin around the test script, because there was no
need for anyone else but me (in our wiki) to verify the ACLs and I'm the
only one setting up restricted namespaces. The script is just a safety
belt I run to be sure I haven't broken any jail by inadvertance when I
change or add an ACL.
http://dokuwiki.pastebin.com/zBJczp9Z
--
bug
--
DokuWiki mailing list - more info at
http://www.dokuwiki.org/mailinglist
Other related posts:
