Feature Proposal: Need Higher Granularity for Privileges
Motivation
At present, for a user to be able to edit an existing page, the web must have ALLOWWEBCHANGE "on" for that user. Unfortunately, this means that the user can also create or delete pages unless the page itself has more restrictive permissions.Description and Documentation
I'd like to see something more akin to Unix permissions. In Unix, you need write permission for the directory in order to create or delete files. You need write permissions for the files in order to edit files. In TWiki, ALLOWTOPICCHANGE currently applies only to the topic in which the variable is set. I would like to see one of two things: You could give the ALLOWTOPICCHANGE var global scope - but then how would you prevent changes to the WebPreferences topic and still allow changes to all other topics? I would suggest a new variable, ALLOWALLTOPICCHANGE (or something similar. Thus you could set WebPreferences to contain DENYWEBCHANGE ALLOWALLTOPICCHANGE DENYTOPICCHANGE This would allow users to edit their home topic (and other paages in Main, by default) but not to edit WebPreferences and not to create new topics in Main.Examples
Impact
Implementation
-- Contributors: VickiBrown - 09 Nov 2007Discussion
erm, why don't you just set WebPreferences as ALLOWTOPICCHANGE = TWikiAdminGroup? -- CrawfordCurrie - 10 Nov 2007
Edit | Attach | Topic revision: r2 - 2007-11-10 - CrawfordCurrie
Site map
Blog web
Create New Topic
Index
Search
Advanced search
My topics of interest
Changes
Major changes only
All tags
Notifications
RSS Feed
Statistics
Preferences
Community 
Readme first
Developers News
How you can help
Community roles
#twiki IRC
Lima Release
Feature Proposals
Bugs Changes
Categories 
Account 
Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.