TWikiAccessControl via topic classification

Folks who desire flat namespaces (e.g. not MultiLevelWikiWebs) need an easier means of TWikiAccessControl in environments where many discussions are under NDA (Corporate Non-Disclosure Agreement)

In these environments, many topics are created which need the same topic access controls. It would be nice to be able to use a SecurityClassification (similar to TopicClassification) via the WebForm interface. This could probably be implemented as a plugin.

-- PeterNixon - 01 Jul 2005

Isn't the access control of a topic just another kind of preference setting? In that case it could reuse the mechanism introduced by the PreferencesPlugin, couldn't it? Potential name of the proposed plugin would be -- SecuritySettingsPlugin.

-- FranzJosefSilli - 01 Jul 2005

In implementation terms, no, it isn't but should it be? Probably, yes. Another good argument for lifting the implementation of protections out of the topic text.

-- CrawfordCurrie - 01 Jul 2005

The current non-topic-text implementation would probably be in metadata. We might need to diddle around in the Authentication code. I suppose we could make the Authentication module check for a SecurityClassification field in the WebForm metadata in addition to checking the topic's preference settings. The topics listed in the SecurityClassification field would contain the necessary preference settings to provide access control.

Proposals like this make me want to support AuthenticationPlugins.

-- PeterNixon - 01 Jul 2005