[dokuwiki] Viewing access for current page?

  • From: "Daniel Mitchell" <DanielMitchell@xxxxxxxxxxxxx>
  • To: <dokuwiki@xxxxxxxxxxxxx>
  • Date: Fri, 27 Jan 2006 15:38:45 -0700

 Is there any way to get dokuwiki to show the user the list of people
that have access to the current page? I know about the ACL plugin, but
this would be for non-admins, and in particular for people that do _not_
have access to a given page.

 Context: currently we're using plaintext auth for our wiki and it works
just fine, but we're thinking about moving to use the windows Active
Directory so people only have one login ID and password to use. That'll
work fine as far as logging in goes, but it means that the AD groups now
become the important ones rather than the wiki ones, and I don't
maintain those.

 So what I'm looking for is a way for a user to hit a page they don't
have access to, and they can then somehow find out that only "Software",
"ProjectFoo", and "Admins" have access to that page -- they then mail
the network admins here and say "please add me to the ProjectFoo group"
or whatever.

 Otherwise, every time someone doesn't have access, they'll email me,
I'll log in and check the ACL stuff manually, I'll email the network
guys, they'll change things around and get back to me, I'll get back to
the original user, and I'd much rather not be in the middle of that
lot.. 

 (this only really makes sense if the groups for a user are wrong more
often than the ACL for a page, of course)

 Assuming I haven't missed a way to do it, I can see two problems:

 1. This feels like it might be a security hole, though I'm not sure
exactly how.

 2. It doesn't look as if dokuwiki's ACL code works this way around, so
I'd need to write my own version of auth_aclcheck that pulled info out
of the ACL by page rather than by user.

 
 So is this possible as it stands, am I missing some big security hole,
and does this even make sense in the first place?

 Thanks,

 -- dan
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

Other related posts:

  • » [dokuwiki] Viewing access for current page?
  1. Home
  2. dokuwiki
  3. Archive
  4. 01-2006