10 Dec
2010
10 Dec
'10
7:26 a.m.
On 9 December 2010 21:01, Paul Harris <harris.pc(a)gmail.com> wrote:
On 9 December 2010 17:29, Guillaume Lerouge <guillaume(a)xwiki.com> wrote:
Hi again,
I tried Guillaume's idea, but it doesn't work.
What I did:
goto XWikiPreferences, and change ALL the rights in Unregistered users to NO
(red cross).
I also did that for AllUsers,
and for AllAdmins i ticked them all Green, except for Program which i ticked
NO.
Then I checked the website without logging on - sure enough it asked me to
log in. Good.
Then I edited the Rights in the Main space, and ticked on View only for
Unregistered users.
Then I checked again. This time the Main page DID come up, however the
background images that are part of the skin did NOT appear (I'm using the
nightfall colour scheme).
The link required for the background image is:
domain.com/xwiki/download/ColorThemes/Nightfall/bg8x540.jpg
what rights does unregistered users require for that?
thanks
Paul
Hi Paul,
On Thu, Dec 9, 2010 at 02:28, Paul Harris <harris.pc(a)gmail.com> wrote:
able
Good idea, thanks Guillaume
On 9 December 2010 09:21, Paul Harris
<harris.pc(a)gmail.com> wrote:
> Hi again,
>
> I wanted to protect my "Website Admin" from any non-admins,
> So I edited the Rights to that space, and clicked the 'View' button on
> 'XWikiAllGroup' until it was a red cross.
> Then I checked in the other webbrowser (logged in as a regular user),
and
sure
enough, I couldn't view the page.
However, I then went to this address:
http://domain.com/xwiki/edit/Website+Admin/
and the regular user was able to edit the page! which also includes a
'Preview' button, which shows them a View!
not good.
After I removed ALL the rights to the AllUsers group, I noticed that
unregistered users are able to view the space.
What happens when I add more groups to the wiki, will those users be to
view the space? Or will they be covered by AllUsers?
I don't find this intuitive... I haven't thought this through, but I
would've preferred to be able to switch OFF all rights, and then switch
on
the rights to the users/groups I want to edit.
At the moment there are
a
few places where you could accidentally leave
access open to spaces that
should not be open.
There is a way to achieve this. In your wiki's administration, give all
rights (green checkmark) only to the XWiki.XWikikiAdminGroup . Leave all
other boxes blank. In practice, this will deny all rights to anyone on the
wiki but for the admin group.
Then you can add rights iteratively from there.
Guillaume
