Feature Proposals » Control / Set permissions of child topics

Motivation

Setting permissions on a topic does currently not affect permissions of child topics, thus permissions must be changed for each single topic.

Adapting permissions on a complete topic tree results in time consuming work.

A function that allows the user to apply permissions to a topic and (optionally) to all its subtopics in a single action would improve permission handling a lot.

Description and Documentation

The function should be available on every topic (more topic actions). When choosing the function a list of all subtopics should be displayed to show which topics will be affected.

Entering new permissions will replace all existing permissions on the topic and all its subtopics with the new settings.

Examples

Impact

Implementation

-- Contributors: MichaelGulitz - 2012-02-16

Discussion

That is a good manual way to set the permissions of all child topics. I support this feature, it needs a committed developer.

Another option is to change the spec that topics automatically inherit the permissions of the parent chain, then web permissions, etc.

-- PeterThoeny - 2012-02-16

To cope with that sort of requirements, I enhanced Access.pm so that TWiki variables in ALLOWWEBVIEW, DENYWEBVIEW, etc. are expanded.

• Set ALLOWWEBVIEW = %SOME_TWIKI_VARIALBE% ...

It's a bit tricky to use but can achieve a similar goal. With that enhancement, you would have a topic naming convention where a set of topics starts with a certain string. And topics starting with that string would be restricted. How does this sound?

-- HideyoImazu - 2012-03-02

We use a strict naming convention for topic. for example all topics dealing with a project start withe project id, but permission might differ among them. For example in project documentation not every is allowed to see the the financial status, or other confidential stuff

-- MichaelGulitz - 2012-03-02

Your Idea is smart but does not solve all of my issues

-- MichaelGulitz - 2012-03-02

Naming convention is not the only way to achieve your access restriction goal under my scenario. You can use a parent topic for access restriction by having %META{"parent" format="$topic"}% in ALLOWWEBVIEW.

-- HideyoImazu - 2012-03-02

When doing this to a parent topic, what will happen if a user doesn't have sufficient permission to change one of its child topics?

-- YaojunFei - 2012-10-12

Yaojun: If implemented as proposed by Michael, if the user does not have sufficient permission to change one of its child topics it will show an error.

Personally I favor the way to expand variables in access control settings.

Discussed at JerusalemReleaseMeeting2012x10x12: This proposal is inactive. Anyone can claim it as a committed developer to implement the feature.

-- PeterThoeny - 2012-10-13

I am changing the status to ParkedProposal due to long inactivity. Feel free to claim and implement this feature.

-- Peter Thoeny - 2015-06-18