serious-code.net  HelpOnConfiguration/SecurityPolicy UserPreferences
 
Private HelpContents Search Diffs Info Edit Subscribe XML Print View Up
 serious-code.net   RecentChanges   ±â¼úÀÚ·á   ¸µÅ©   TitleIndex   ºí·Î±× 
SecurityPolicy is a config option that allows wiki admins to dynamically enable or disable certain key actions in a MoinMoin wiki, most notably editing and deleting content.

1 Mechanics


Security restrictions in a MoinMoin wiki work by the interface defined in the MoinMoin.security module.
The Permissions class implements the basic interface for user permissions and
system policy. If you want to define your own policy, inherit
from that base class, so that when new permissions are defined, you get the defaults.

Then assign your new class to SecurityPolicy in moin_config;
and I mean the class, not an instance of it!


2 Samples

2.1 Disable editing over HTTPS


This is used at [WWW]WEB.DE AG to make the main intra-net wiki available in read-only form via HTTPS. It's an extra security measure, in addition to password protection, against content changes from the outside. The same scheme can be used to have two different URLs pointing at the same wiki, and have only one of those URLs1 being able to edit the wiki. The net effect is that you have a read-only wiki editable only by certain people.

Add this to your moin_config.py: 
# permissions 
import MoinMoin.security 
  
class SecurityPolicy(MoinMoin.security.Permissions): 
    def __init__(self, user): 
        MoinMoin.security.Permissions.__init__(self, user) 
  
        # no edits via https 
        from MoinMoin import webapi 
        self.edit = not webapi.isSSL() 
        self.delete = self.edit


____
   1 An URL that is password-protected, by means of Apache server rules.
PythonPowered
FindPage by browsing, title search , text search or an index
Or try one of these actions: AttachFile, DeletePage, LikePages, LocalSiteMap, RenamePage, SpellCheck
SeriousMoin v1 (koMoinMoin 1.0a4 Modified)