30 Jun
2011
30 Jun
'11
10:20 a.m.
On Thu, Jun 30, 2011 at 09:57, Paul Harris <harris.pc(a)gmail.com> wrote:
On 30 June 2011 15:49, Thomas Mortagne
<thomas.mortagne(a)xwiki.com> wrote:
create
That is not my point.
The wiki is open for editing, but only to registered users, and some spaces
are only available to a subset of those users. Its mostly to prevent
vandalism, plus some pages people want to only share with their particular
group of users.
There may be many many users, and if its "open by default" then it becomes
more difficult to figure out who could have access to what.
Go to the general right management UI and only give rights to admin
group (no need to use deny, just set blank), that will implicitly
remove theses right for any other user. That's why users don't have
admin right for example in a default XE even if guest have it when you
did not yet imported XE and its default right configuration. Then you
can give specific rights space by space.
Don't forget to give view right on XWiki space for users since a lot
of default applications actually have there code there so user need to
be able to view/execute it.
On Thu, Jun 30, 2011 at 09:39, Asiri Rathnayake
<asiri.rathnayake(a)gmail.com> wrote:
You
It was suggested in the official XWiki Upgrade documentation,
see bottom of page here:
http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Installation
I assumed the core team would only mention quality extensions in
documentation like that.
Hi,
On Thu, Jun 30, 2011 at 8:15 AM, Paul Harris <harris.pc(a)gmail.com>
wrote:
> Hi guys,
>
> I installed the "Admin Tools" plugin
> http://extensions.xwiki.org/xwiki/bin/view/Extension/AdminTools
>
> And found that half the stuff didn't work anyway.
>
> Regardless, carrying on, I am hoping the User Rights tool will be
helpful,
> however it can't seem to check the most
important user:
> the Unregistered User
>
> And what is worse, I discovered by accident that the Unregistered User
can
access
the space!
For example, an unregistered user can access the /xwiki/Admin/RunQuery
page,
which could be used to run queries directly on the database, for example
select * from xwikipreferences
Does this give anyone else a heart attack too??
I don't think this "extension" is part of the standard XE/XEM release.
should be careful when installing extensions.
Yes this extension is a contribution and is not written or supported
by the XWiki Core team.
> WHY
is there no default "cannot view unless admin says so" mode?
> This is a problem with all of my spaces. When I create a space, I want
to
> then have to go and ALLOW people to access
it. Not open by default,
that
is
much harder to configure.
It's a wiki, and wikis are supposed to be open by default. If the the
default behaviour is "closed", it would be hard for a normal user to a space and allow other users to contribute
content (he'll have to wait
for
the admin to open that space).
This is only my personal understanding and I'm not a professional XWiki
user, so let's wait for some other views as well.
Yes it's exactly that, wiki that only an admin can contribute to is
not a wiki... maybe a CMS.
Also making default XE distribution private is
very easy you just have
to setup global rights and you are done for the whole wiki.
How do I do that ? _______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Thomas Mortagne