incubator-jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Luca Gilardoni <...@quinary.com>
Subject Question about security
Date Mon, 28 Jul 2008 16:57:56 GMT
Hi all.

   I have a few questions about security.

I'd like to have a wiki shared by different groups of people, and I'd 
like to have pages visible (etc) only to members of the group of the 
person which created the page.
This can be easily managed by ACLs on the page; however
1) while the usual search functionalities respect permissions (es. 
Person X in group Y cannot even see a page restricted to group Z) this 
is not respected
by the RecentChanges plugin (all pages can be seen - albeit when jumping 
there you get the usual error message)
2) this can onlybe enforced by the author adding [{ALLOW edit mygroup}].

Questions
1) I would say it is a bug ... should I file under jira
2) any other way? I was wondering whether thic can be enforced by a 
filter ...

Tx in advance

Luca


Mime
View raw message