Question
Oops. One of my company's users just created a personal sidebar (pattern skin). Great feature. It probably even asked him for his name and password.
Then it allowed him to edit the personal sidebar for
TWikiGuest. Not good.
Can we prevent this? Can
you guys do something to TWiki to prevent this??
How about checking if the user name doesn't match the owner of the sidebar page when the edit starts up? It is, afdter all, supposed to be a "personal" side bar (and it's not easy to tell that you're not where you think you are.
If I tried to edit ~/.cshrc and got /etc/cshrc instead I would be embarrassed - and my sysadmin would be unhappy.
Environment
--
VickiBrown - 17 Dec 2004
Answer
Would you be up for coding a change for this? If you have a lot of changes you'd like to make you would probably enjoy developer access to the subversion repository.
--
MartinCleaver - 17 Dec 2004
How about simply creating the guest sidebar and locking edit down to the admin group?
--
PeterThoeny - 17 Dec 2004
A fine workaround. I have created a personal sidebar for
TWikiGuest that says:
You are TWiki Guest!
You will need to authenticate yourself to edit any pages. Be sure to
register if you haven't already done so.
--
VickiBrown - 17 Dec 2004