Tags:
create new tag
view all tags

Question

Hello,

I'm having a problem with page security and setting it using groups vs. users.

I posted this a couple hours ago, but did something dumb - I was included samples of the topic security I was using, and in copying it, I applied that security to the support question page!

Doh!

So here I have posted the question again, and hopefully haven't applied any security to it - I removed the word SET from all the examples below.

I have the following in a topic page, to protect only that page from some users. In the web this topic is in, the users listed in DENYTOPICVIEW have editing access to the web in general; I just want to prevent them from viewing this page:

DENYTOPICVIEW = KathyTest, CsChiefConcierge, CyChiefConcierge, CsConcierge, CyConcierge, CsClearanceOfficer, CyClearanceOfficer, CsEditor, CyEditor

ALLOWTOPICVIEW = TWikiAdminGroup, CorporateUsersGroup, HotelDirectorsViewAllGroup, CSFrontOfficeManager, CyFrontOfficeManager

DENYTOPICCHANGE =

ALLOWTOPICCHANGE = TWikiAdminGroup, CSFrontOfficeManager, CyFrontOfficeManager

DENYTOPICRENAME =

ALLOWTOPICRENAME = TWikiAdminGroup

The above works fine: The users listed in DENYTOPIC VIEW cannot view the topic page.

BUT, I created a group (FrontOfficeMgrHandoverNoViewGroup) and put all those users in DENYTOPICVIEW in that group - here's the group definition:

GROUP = KathyTest, CsChiefConcierge, CyChiefConcierge, CsConcierge, CyConcierge, CsClearanceOfficer, CyClearanceOfficer, CsEditor, CyEditor Persons/group who can change the list:

ALLOWTOPICCHANGE = TWikiAdminGroup

Then in the topic page I put the following:

DENYTOPICVIEW = FrontOfficeMgrHandoverNoViewGroup

ALLOWTOPICVIEW = TWikiAdminGroup, CorporateUsersGroup, HotelDirectorsViewAllGroup, CSFrontOfficeManager, CyFrontOfficeManager

DENYTOPICCHANGE =

ALLOWTOPICCHANGE = TWikiAdminGroup, CSFrontOfficeManager, CyFrontOfficeManager

DENYTOPICRENAME =

ALLOWTOPICRENAME = TWikiAdminGroup

The users in the FrontOfficeMgrHandoverNoViewGroup group CAN view the topic page.

I must be doing something wrong ... does someone have any advice?

It seems to me that I shouldn't actually have to use the DENYTOPICVIEW at all, and that it should be enough to leave the users out of the ALLOWTOPICVIEW, but that wasn't working, so that's when I tried the DENYTOPICVIEW

Thanks

Environment

TWiki version: TWikiRelease04x01x02
TWiki plugins: DefaultPlugin, EmptyPlugin, InterwikiPlugin
Server OS: Windows 2003 server
Web server: APache 2.0
Perl version: 5.8.6 ( IndigoPerl)
Client OS: Windows XP, Vista, Win2000
Web Browser: IE 7, Firefox
Categories: Permissions, Security

-- KathyDeLaCruz - 22 Oct 2007

Answer

ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

Sorry, closing this after more than 30 days of inactivity. Please feel free to re-open if needed.

-- PeterThoeny - 03 Dec 2007

Change status to:
WebForm
SupportStatus ClosedUnanswered
Attachments Attachments
Topic attachments
I Attachment History Action Size Date Who Comment
HTMLhtm configure.htm r1 manage 161.6 K 2007-10-23 - 23:44 UnknownUser  
Edit | Attach | Watch | Print version | History: r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r3 - 2007-12-03 - PeterThoeny
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.