Question

Is it possible to view a list of users (a defined group, or all users) and a list of topics to which they have access? Alternately, can a number of topics be displayed in a list or table with their view/edit permissions?

Thanks!

Environment

-- AnthonyCalderon - 03 Jun 2008

Answer

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

I don't know how to do either of those things. But here is some text I have found useful to (temporarily) put into a topic when I am troubleshooting permissions:

---+ Permissions Test

|*Level*|*Type*|*Variable*|*Value*|
|Web|View| DENYWEBVIEW | %DENYWEBVIEW% |
|^|^| ALLOWWEBVIEW | %ALLOWWEBVIEW% |
|^|Change| DENYWEBCHANGE | %DENYWEBCHANGE% |
|^|^| ALLOWWEBCHANGE | %ALLOWWEBCHANGE% |
|^|Rename| DENYWEBRENAME | %DENYWEBRENAME% |
|^|^| ALLOWWEBRENAME | %ALLOWWEBRENAME% |
|Topic|View| DENYTOPICVIEW | %DENYTOPICVIEW% |
|^|^| ALLOWTOPICVIEW | %ALLOWTOPICVIEW% |
|^|Change| DENYTOPICCHANGE | %DENYTOPICCHANGE% |
|^|^| ALLOWTOPICCHANGE | %ALLOWTOPICCHANGE% |
|^|Rename| DENYTOPICRENAME | %DENYTOPICRENAME% |
|^|^| ALLOWTOPICRENAME | %ALLOWTOPICRENAME% |

-- SeanCMorgan - 03 Jun 2008

That's useful information, but what I really want is to see who has access to what topics. In our TWiki installation, we have a number of topic-level ACLs that override the web-level permissions, and I'd like to make it easier to manage.

Ideally, I'd like to create a web form or something that allows me to enter an individual's name and have it throw back all the topics he or she can view. That's probably a pipe dream, but it'd be nice to have

-- AnthonyCalderon - 09 Jun 2008

Part of the answer might be in IfStatements, example 8, "Check access permissions". But it uses the context of the logged in user, so you would have to figure out how to run that as the designated user.

-- SeanCMorgan - 19 Jun 2008

The IfStatements topic doesn't have an example 8. I checked the history, but couldn't find it in any previous revisions, either. Does it exist elsewhere?

-- AnthonyCalderon - 15 Jul 2008

This was on my "home" server, which is TWiki 4.2. I don't know if this will work on your TWiki 4.0 server, but here goes:

8. Check access permissions

You %IF{"'%TOPIC%' allows 'change'" then="can" else="cannot"}% change this topic.
You %IF{"'Sandbox.TestTopic' allows 'change'" then="can" else="cannot"}% change Sandbox.TestTopic.
You %IF{"'Sandbox' allows 'change'" then="can" else="cannot"}% change Sandbox web

-- SeanCMorgan - 15 Jul 2008

Thanks! That's very helpful. Like you mentioned, the only question is how to make this apply to a designated user instead of the logged-in user. Do you (or does anyone else) know where I can obtain a complete list of IF parameters? The native TWiki documentation doesn't go into much detail.

-- AnthonyCalderon - 15 Jul 2008

Closing this question after more than 30 days of inactivity. Feel free to re-open if needed.

-- PeterThoeny - 02 Sep 2008