TWiki>
Codev Web>ChangeProposal>BugReport>AllowTopicViewOnlyRestrictsCurrentRevision (25 Jan 2005, PeterThoeny)EditAttach
Codev Web>ChangeProposal>BugReport>AllowTopicViewOnlyRestrictsCurrentRevision (25 Jan 2005, PeterThoeny)EditAttachBug: ALLOWTOPICVIEW only restricts current revision
Using partial authentication, setting all ALLOW* variables in a topic only seems to restrict access to the current version of that topic. When a newer version of the topic is saved, anybody with view permissions on that web can view previous revisions of the topic that is supposed to be restricted from their view.Test case
- Create a "Restricted" web with all ALLOW* preferences set to a RestrictedGroup (which contains UserOne and UserTwo).
- Create a topic Restricted.UserOnePrivate and set ALLOW* = UserOne.
- Set ALLOWTOPICCHANGE = UserOne
- Set ALLOWTOPICRENAME = UserOne
- Set ALLOWTOPICVIEW = UserOne
- Login as UserTwo
- Successful Tests (No permission to read topic ...)
- attempt to view Restricted.UserOnePrivate
- attempt to view Restricted.UserOnePrivate?rev=<current revision>
- Failing Tests (able to view Restricted.UserOnePrivate as UserTwo)
- attempt to view Restricted.UserOnePrivate?rev=<any previous revision>
Environment
| TWiki version: | TWikiRelease02Sep2004 |
| TWiki plugins: | DefaultPlugin, SpreadSheetPlugin, ActionTrackerPlugin, CommentPlugin, EditTablePlugin, InterwikiPlugin, RenderListPlugin, SlideShowPlugin, SmiliesPlugin, TablePlugin |
| Server OS: | Linux kernel 2.4.21-20.0.1.ELsmp |
| Web server: | Apache/1.3.29 |
| Perl version: | 5.8.0 |
| Client OS: | MS Windows XP Pro, SP2 |
| Web Browser: | MS IE 6.0 |
Follow up
See related issue Support.ViewToViewauthNotWorking -- PeterThoeny - 25 Jan 2005Fix record
see proposal ... -- ThomasBurgstaller - 17 Jan 2005| ChangeProposalForm | |
|---|---|
| TopicClassification | BugReport |
| TopicSummary | ALLOWTOPICVIEW only restricts current revision |
| CurrentState | UnderInvestigation |
| OutstandingIssues | |
| RelatedTopics | |
| InterestedParties | RobKirk |
| ProposedFor | |
| TWikiContributors | |
Topic revision: r5 - 25 Jan 2005 - 17:09:21 - PeterThoeny
-
Codev Web
-
Readme first
-
Developers News
-
Changes
-
Major Only
- All Webs
-
RSS Feed
-
Search
- Advanced
-
Topics of interest
-
Categories
-
All tags? / My tags
Create New Topic
Georgetown
TWiki 4.2.3- TWiki community
- TWiki marketing
- TWiki advocacy
- TWiki deployment
- Dev questions
- TWiki competition
- Usability
- Security
- Community
- How you can help
- Community roles
-
Answer Support questions
- Community
- #twiki (IRC)
- — logs
- Meet others
- Webs
-
Blog
- Codev
- Main
- Plugins
- Sandbox
- Support
- TWiki
- TWiki01
- TWiki02
- TWiki03
- TWiki04
- TWiki04x01
- TWiki04x02
 |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback