Tags:
create new tag
view all tags

SID-00251: Is DENYTOPIC Deprecated

Status: Answered Answered TWiki version: 4.3.0 Perl version: 5.8
Category: CategoryAccessControl Server OS: RH Last update: 16 years ago

The documentation TWikiAccessControl states: 


How TWiki evaluates ALLOW/DENY settings

When deciding whether to grant access, TWiki evaluates the following rules in 
order (read from the top of the list; if the logic arrives at PERMITTED or DENIED 
that applies immediately and no more rules are applied). You need to read the 
rules bearing in mind that VIEW, CHANGE and RENAME access may be granted/denied separately.

   1 If the user is an administrator * access is PERMITTED.
   1 If DENYTOPIC is set to a list of wikinames * people in the list will be DENIED.
   1 If DENYTOPIC is set to empty ( i.e. Set DENYTOPIC = ) * access is PERMITTED 
i.e no-one is denied access to this topic. ALERT! Attention: Use this with caution. 
This is deprecated and will likely change in the next release.
   1 If ALLOWTOPIC is set 
      1 
         1 people in the list are PERMITTED
         1 everyone else is DENIED
   1 If DENYWEB is set to a list of wikinames * people in the list are DENIED access
   1 If ALLOWWEB is set to a list of wikinames * people in the list will be PERMITTED * everyone else will be DENIED
   1 If you got this far, access is PERMITTED

Point 3 says that This is deprecated.

Can someone expand on what is meant here as it is a misleading

Thanks in advance

-- PeterJones - 2009-04-07

Discussion and Answer

Spec of DENYTOPIC set to empty changed in TWiki-4. In earlier releases it meant that TWiki will ignore that setting and look further in the access control food chain. Since TWiki-4 it means that everybody has access. This new spec is confusing, the reason why we decided in a release meeting to deprecate the empty DENYTOPIC setting, or redefine to original spec) in an upcoming release.

-- PeterThoeny - 2009-04-07

How will existing entries for Set DENYTOPIC = in topics be handled in future releases. Will there be a mechanism to modify such settings?

-- PeterJones - 2009-04-08

To clarify, only setting DENYTOPIC to an empty value is deprecated. Spec of setting to explicit list of people or group(s) does not change.

-- PeterThoeny - 2009-04-08

      Change status to:
ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.
SupportForm
Status Answered
Title Is DENYTOPIC Deprecated
SupportCategory CategoryAccessControl
TWiki version 4.3.0
Server OS RH
Web server apache
Perl version 5.8
Edit | Attach | Watch | Print version | History: r5 < r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r5 - 2009-04-08 - PeterThoeny
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.