Index: Access.pm =================================================================== --- Access.pm (revision 3261) +++ Access.pm (working copy) @@ -117,42 +117,48 @@ } # parse the " * Set (ALLOWTOPIC|DENYTOPIC)$theAccessType = " in body text - my %deny; - my %allow; + my $allowText = undef; + my $denyText = undef; + foreach( split( /\n/, $theTopicText ) ) { if( /^\s+\*\sSet\s(ALLOWTOPIC|DENYTOPIC)$theAccessType\s*\=\s*(.*)/ ) { - if( $2 ) { + if( $2 && $2 =~ /\S/) { my $allowOrDeny = $1; # "ALLOWTOPIC" or "DENYTOPIC" - my %tmp = _parseUserList( $2, 1 ); if( $allowOrDeny eq "DENYTOPIC" ) { - %deny = %tmp; + $denyText = $2; } else { - %allow = %tmp; + $allowText = $2; } } } } # if empty, get access permissions from preferences - unless( %deny ) { + unless( defined($denyText) ) { my $tmpVal = TWiki::Prefs::getPreferencesValue( "DENYWEB$theAccessType", $theWebName ); - %deny = _parseUserList( $tmpVal, 1 ); + $denyText = $tmpVal if defined($tmpVal) && $tmpVal =~ /\S/; } - unless( %allow ) { + unless( defined($allowText) ) { my $tmpVal = TWiki::Prefs::getPreferencesValue( "ALLOWWEB$theAccessType", $theWebName ); - %allow = _parseUserList( $tmpVal, 1 ); + $allowText = $tmpVal if defined($tmpVal) && $tmpVal =~ /\S/; } - return 0 if( %deny && $deny{$theUserName} ); + # check access + if( defined($denyText) ) { + my %deny = _parseUserList( $denyText, 1 ); + return 0 if $deny{$theUserName}; + } - return $allow{$theUserName} if ( %allow ); + if( defined($allowText) ) { + my %allow = _parseUserList( $allowText, 1 ); + return 0 unless $allow{$theUserName}; + } - # allow is undefined, so grant access return 1; }