Question

Hi,

I want to create a way so that every new user is automatically put into a default group so I can set the permissions for every new user.

I've tried looking everywhere to do this. I also tried editing my Registration TWiki page by adding the line Set Group = Main.DefaultGroup (which is a group that was already made with permissions already set-up).

Links to references, comments, and anything else is welcome.

Thanks everyone, Dan

Environment

-- DanDeMeyere - 23 Oct 2007

Answer

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

This has been requested once in a while. There is no read made solution. It would require writing a plugin that adds newly registered users to the Set GROUP setting of a Main.RegisteredUsersGroup topic.

Alternatively, if you do not have fine grained access needs and you could add a Set DENYWEBCHANGE = TWikiGuest setting in the WebPreferences topics to prevent guests from changing content.

-- PeterThoeny - 31 Oct 2007

Thanks Peter. I figured a solution would be to remove the register link in the leftbarlogin page and then make a permission for the actual registration page saying * Set DENYWEBVIEW = TWikiGuest. However this is not working because I'll log out and be able to view the page. Any suggestions?

-- DanDeMeyere - 01 Nov 2007

I will be manually adding users so I can put them into their proper respective groups.

-- DanDeMeyere - 01 Nov 2007

Ahh, if you want only registered users to access the TWiki site you can authenticate the whole bin and pub directories (on Apache level). That way users need to login in order to see content. There is one catch though: Someone with access needs to register new users. This is a typical intranet TWiki setup of an organization that does not have a firewalled environment.

-- PeterThoeny - 02 Nov 2007

Awesome this is exactly what I was looking to do! Thanks Peter! I'm going to do some research on how to authenticate the bin and pub directories now. The site is really coming along, it becomes live in less than 1 week.

-- DanDeMeyere - 02 Nov 2007

Here is a .htaccess I use in twiki/bin:

RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*) https://%{SERVER_NAME}/twiki/bin/$1 [L,R]
SetHandler cgi-script
AuthUserFile /path/to/twiki/data/.htpasswd
AuthName 'Enter your WikiName'
AuthType Basic
ErrorDocument 401 /error.html
Options -Indexes
<FilesMatch "[^/]*\.html$">
  SetHandler blabla
  allow from all
</FilesMatch>

<FilesMatch "configure.*">
  require user PeterThoeny
</FilesMatch>
<FilesMatch ".*">
    require valid-user
</FilesMatch>

Do something similar to twiki/pub

-- PeterThoeny - 02 Nov 2007

So my boss put the kibosh on the Apache level authentification. All I need to figure out is how to make every user log in before viewing anything. This can't be done through a .htaccess.txt file if I'm using templatelogin correct?

I did set the following for TWiki Web trying to disable the link for a non-logged in user to the Registration link.

" *Set DENYWEBVIEW = %MAIN%.TWikiGuest" It still never prompts for the login until they try to edit the topic. However they are still allowed to press the submit button and create new users without logging in.

-- DanDeMeyere - 05 Nov 2007

Wow I'm an idiot, it came defaulted as commented out haha!!

-- DanDeMeyere - 05 Nov 2007