TWiki> Codev Web>DenyVsAllowWebChangeVsViewIsBroken (15 Apr 2006, AntonAylward)EditAttach
Tags:
access_control1Add my vote for this tag create new tag
, view all tags

Wiki access control based on change/view is broken

I have set up several wiki sites where access control is important. If TWiki did not have access control, we would have to use (gag) SharePoint.

Today, I noticed for the umpteenth time that TWiki's access control is, um, suboptimal, a pain to administer.

TWiki has separate lists for read access - ALLOWWEBVIEW - and change access - ALLOWWEBCHANGE.

Since nearly everyone who is allowed to change a topic is also allowed to read it, these are redundant. The ALLOWEBCHANGE list should always be a subset of the ALLOWWEBVIEW list. When it isn't, well, it's a pain - e.g. if you leave yourself off the ALLOWWEBVIEW list you can still read the pages by going into edit, but you have to type URLs in yourself.

I recommend that a user or group being in ALLOWWEBCHANGE imply that it also has ALLOWWEBVIEW access.

If you really want some people to have edit only, but not view, access ---- well, ewe could come up with a way of representing that. But I have trouble imaging such a use.

-- Contributors: AndyGlew

Discussion

Very sadly, I have used topics where the user has write access and not view access - for logging purposes. It was decided that the edit & state log for the ISO system should not be public. So yeah, while not necessarily being hugely important, it meant that for that application, i didn't need to make a plugin, or resort to non-topic storage of info.

-- SvenDowideit - 14 Apr 2006

(Apparently the comment formatting is broken.)

Fine. So provide:

  • ALLOW_TOPIC_ACCESS_READONLY
  • ALLOW_TOPIC_ACCESS_READWRITE
  • ALLOW_TOPIC_ACCESS_WRITEONLY

and compute

  • reads_allowed = readonly + readwrite
  • writes_allowed = readwrite + writeonly

This is not a functionality issue. It's a user interface issue - for the user who is the admin setting up perms.

Or, equivalently, go to an access control list

  • ACCESS_LIST =
    • AndyGlew? - readwrite
    • SvenDowideit? - writeonly
    • SomeoneElse? - readonly
    • TWikiGuest? - denied

My point is that the present system violates the OAOO rule - once and only once. The user must enter a group name in multiple lists.

Heck... I just realized that a plugin could be used to fix this.

-- AndyGlew - 14 Apr 2006

TWiki's access control is suboptimal because it is confusing.

I strongly recommend looking at Role Based Access Control.

It is simple to institute and simple to administer.

-- AntonAylward - 15 Apr 2006

 
BasicForm
TopicClassification TWikiDevQuestion
TopicSummary

InterestedParties

RelatedTopics

Edit | Attach | Print version | History: r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r4 - 15 Apr 2006 - 12:33:19 - AntonAylward
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback