This page only applies to Sycamore versions < 0.1d
Overview
The access control list (ACL) is used to enforce page privileges, such as who can read or write (edit) a page, delete a page, or revert edits. To use ACLs, set acl_enabled = 1 in sycamore_config.py (this is the default). If you alter the ACL settings in sycamore_config.py, you will need to restart memcached (if you are using it) and the Sycamore process if you are not using CGI. If you have HTTP auth set up for some reason, that could cause problems.
It's confusing for the time being, but it's going to be mucho better very soon :)
Built-in groups:
- Known — logged-in users
- Trusted — not used ("Trusted" = HTTP auth, but it is deprecated)
- All — all users, including anonymous (not logged-in)
User groups can also be created (such as AdminGroup and BannedGroup). See Help on Groups for more information.
Default ACL Settings
The default access control settings are set using the acl_rights_default variable in the sycamore_config.py file. It is a tricky configuration option, and the order of items is important. For instance,
PhilipNeustrom:admin,read,write,delete,revert AdminGroup:admin,read,write,delete,revert BannedGroup:read Trusted:read,write,revert,delete Known:read,write,delete,revert All:read,write
means that by default, PhilipNeustrom always has all rights. So do members of AdminGroup. Members of BannedGroup can only read, whereas logged-in users (Known) can edit/read/delete/revert, and All users (logged in or not) can read and write.
Example Per-Page ACL
Examples of common ACL lists.
AdminGroup: admin privileges / All: read
To set the privileges to allow the AdminGroup to read, write (edit), delete, revert edits, and provide admin functions, and give all other users read-only privileges:
#acl AdminGroup:read,write,delete,revert,admin All:read
Only AdminGroup can view page
To set the privileges to allow the AdminGroup to read, write (edit), delete, revert edits, and provide admin functions, and restrict all other users from reading a page:
#acl AdminGroup:read,write,delete,revert,admin
Non-AdminGroup users will see a message stating: You are not allowed to view this page.
See Sycamore/wikiacl.py for more information on syntax.
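The ordering rule from the default ACL and the "everyone else is denied" behaviour of the per-page example, as an added Python sketch (not Sycamore's wikiacl.py). It assumes entries are checked left to right with the first match deciding, and that an ACL with no matching entry grants nothing; the group members ExampleAdmin and ExampleSpammer are constructed, and `shadowed` is a hypothetical lint helper.

```python
# Added illustration, not Sycamore's wikiacl.py. Assumption: entries are checked
# left to right and the first entry that matches the user decides the rights.
RIGHTS = frozenset(["read", "write", "delete", "revert", "admin"])

def parse_acl(text):
    """Turn 'Name:right,right ...' (optionally prefixed '#acl') into an ordered list."""
    text = text.strip()
    if text.startswith("#acl"):
        text = text[len("#acl"):]
    entries = []
    for item in text.split():
        name, sep, rights = item.partition(":")
        granted = frozenset(r for r in rights.split(",") if r)
        if not sep or not name or not granted <= RIGHTS:
            raise ValueError("malformed ACL entry: %r" % item)
        entries.append((name, granted))
    return entries

def matches(name, user, groups):
    """user is None for an anonymous visitor; groups maps group name -> member set."""
    if name == "All":
        return True
    if name == "Known":
        return user is not None
    if name == "Trusted":          # deprecated HTTP auth group; treated as never matching
        return False
    return user is not None and (name == user or user in groups.get(name, ()))

def rights_for(acl, user, groups):
    for name, granted in acl:
        if matches(name, user, groups):
            return granted
    return frozenset()             # assumption: no matching entry means no access

def shadowed(acl):
    """Entries that can never take effect because Known or All precedes them."""
    seen, dead = set(), []
    for name, _ in acl:
        if "All" in seen or ("Known" in seen and name != "All"):
            dead.append(name)
        seen.add(name)
    return dead

# The default from this page, plus constructed group membership for the demo.
DEFAULT = parse_acl("PhilipNeustrom:admin,read,write,delete,revert "
                    "AdminGroup:admin,read,write,delete,revert BannedGroup:read "
                    "Trusted:read,write,revert,delete Known:read,write,delete,revert "
                    "All:read,write")
GROUPS = {"AdminGroup": {"ExampleAdmin"}, "BannedGroup": {"ExampleSpammer"}}
```

Running `shadowed()` on a proposed acl_rights_default before restarting the wiki catches the common mistake of listing BannedGroup after Known, which would leave banned accounts with write access under these assumptions.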