There is a general chorus for the improved management of topics.

The following from PeterThoeny regarding a simple TWiki-way for authentication of potential web administration pages:

We could do it all TWiki based, without any cookies or session ID in URL:

Edit is already authenticated. We could map the log in user to a groups page in case a user wants to edit a resticted page. Example: * User wants to edit a page that is restricted to admins; * the edit scripts reads the AdminUsers page and checks if the user is in the list; * if not - nope. The same could be extended for other groups, one per web for example. Also for admin functions like rename, delete...

Further discussion indicated some need to rewrite the %INCLUDE% command for the above to remain secures, see PercentageSemantics for further details.

Management tools required:

• delete
• move to other web
• rename
• ...

Notes

Deleting: Since TWiki generates things like the index on the fly, a delete script could simply move the Topic to something like TrashCanWeb/Web/Topic. TWiki admin's could then decide whether to keep the Topic as a backup or remove them periodic. So a delete essential boils to an across web rename.

Moving and Renaming: The .changes file would needs to be dealt with. Same topic-name conflicts would have to be dealt with in some manner.

-- NicholasLee - 15 Jul 2000

The WebAdmin functions should use group authentication, as well as pages that should have edit restrictions based on groups. Follow up in AuthenticationBasedOnGroups.

-- PeterThoeny - 19 Jul 2000