Hi, probably we should always ALLOWTOPICCHANGE for all topics of all webs to the TWikiAdminGroup
, otherwise any HostileUsers
can create a topic that he/she only can edit.
Let see if I can stop you from changing this page ... Peter, can you change this topic without loggin in as a TWikiGuest
- 14 Dec 2000
No I cannot as PeterThoeny
, so I logged in as a guest. I don't want to enable TWikiAdminGroup
by default, but a new switch in wikicfg.pm to enable that is probably appropriate.
is non functional at the moment, so there is no new revision now. Filed a request at SourceForge
- 17 Dec 2000
Now, though not being one of those HostileUsers
but having this problem over and over again:
What happens if you misspell Main.TWikiGuest e.g. as main.TWikiGuest?
- Set ALLOWTOPICCHANGE = main.TWikiGuest
You lock out everybody forever ... (Peter, can you still change this topic).
Tired of editing everlocked documents on the file server I allowed TWikiAdminGroup
to edit really every
document (by changing wikiaccess.pm:)
if( userIsInGroup( $wikiUserName, "TWikiAdminGroup" ) )
(Hope I made no typos cause now I will be locked out forver!)
BTW: Even if I left the first "Set ALLOWTOPICCHANGE = TWikiGuest
" this has no affect (because checkAccessPermission does not collect all
ALLOWTOPIC changes but takes the last occurance only).
- 25 Feb 2001