Difference: TWikiAccessControl (43 vs. 44)
Revision 442017-08-09 - TWikiContributor
| Line: 1 to 1 | ||||||||
|---|---|---|---|---|---|---|---|---|
TWiki Access Control | ||||||||
| Line: 83 to 83 | ||||||||
| ||||||||
| Added: | ||||||||
| > > | On a large TWiki installation having hundreds or thousands of webs, a single super admin group may not be able to take care of all of those webs. One way to deal with that is to have a super admin group for each web. AutonomousWebs shows how to. | |||||||
Restricting Access | ||||||||
| Line: 136 to 138 | ||||||||
For example, set this to restrict a topic to be viewable only by the MarketingExecGroup:
| ||||||||
| Added: | ||||||||
| > > | You may want to allow or deny access to a topic in addition to the ALLOWEB* or DENYWEB* specifies. In that case having + as the first non-space character of ALLOWTOPIC* or DENYTOPIC* has that effect.
For example, the following setting allows view by MarketingExecGroup in addition to the people ALLOWWEBVIEW allows.
| |||||||
See "How TWiki evaluates ALLOW/DENY settings" below for more on how ALLOW and DENY interacts.
 If the same setting is defined multiple times the last one overrides the previous. They are not OR'ed together. | ||||||||
| Line: 219 to 225 | ||||||||
| ||||||||
| Changed: | ||||||||
| < < | Allowing web creation by user mapping manager | |||||||
| > > | Allowing web creation/deletion/rename by user mapping manager | |||||||
| Changed: | ||||||||
| < < | There are cases where DENYROOTCHANGE, ALLOWROOTCHANGE, DENYWEBCHANGE, and ALLOWWEBCHANGE, and DENYWEBCHANGE are not capable enough to implement web creation permission you want.
To cope with such cases, when a new web is created, the canCreateWeb($cUID, $web) method of the user mapping manager is called if the method exists. | |||||||
| > > | There are cases where DENYROOTCHANGE, ALLOWROOTCHANGE, DENYWEBCHANGE, and ALLOWWEBCHANGE, and DENYWEBCHANGE are not capable enough to implement web creation and rename permissions you want.
To cope with such cases, when a new web is created, the canCreateWeb($cUID, $web) method of the user mapping manager is called if it exists. | |||||||
| If it returns true, TWiki goes ahead and create the web without checking access control variables. | ||||||||
| Added: | ||||||||
| > > | Similarly, when a web is renamed (deletion is a form of rename), the canRenameWeb($cUID, $oldWeb, $newWeb) method of the user mapping manager is called if it exists. | |||||||
Please read AllowWebCreateByUserMappingManager for more details.
Forbid certain users to do certain actions by configuration | ||||||||
| Line: 526 to 533 | ||||||||
| Changed: | ||||||||
| < < | Related Topics: AdminDocumentationCategory, TWikiUserAuthentication, AllowWebCreateByUserMappingManager, UserMasquerading, CustomUserGroupNotations, TWiki:TWiki.TWikiAccessControlSupplement | |||||||
| > > | Related Topics: AdminDocumentationCategory, TWikiUserAuthentication, AllowWebCreateByUserMappingManager, AutonomousWebs, UserMasquerading, CustomUserGroupNotations, TWiki:TWiki.TWikiAccessControlSupplement | |||||||
|
-- Contributors: TWiki:Main.PeterThoeny, TWiki:Main.MikeMannix, TWiki:Main.CrawfordCurrie | ||||||||
View topic | History: r44 < r43 < r42 < r41 | More topic actions...
Copyright © 1999-2025 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback
Note: Please contribute updates to this topic on TWiki.org at TWiki:TWiki.TWikiAccessControl.