11 Jan
2007
11 Jan
'07
2:40 p.m.
I'd have to agree with you on all those points.. no standard user should
ever be able to get access to the database directly.
A simple call like $xwiki.isMemberOf("XWiki.ProjectManagersGroup") would
be extremely useful, and require less frontend manipulation (a simple
boolean check instead of a loop with string comparisons).
Surely that kind of call could be done without need for PR rights
though?
________________________________
From: Sergiu Dumitriu [mailto:sergiu.dumitriu@gmail.com]
Sent: 11 January 2007 13:26
To: xwiki-users(a)objectweb.org
Subject: Re: [xwiki-users] Virtual wiki's and groupmembership
(implemented on 0.9.840 due for upgrade to 1.0b2).
Maybe there should be a setting in xwiki.cfg to customize whether or not
programming rights can be granted on a virtual wiki. These rights were
designed only for global administrators because they are quite
dangerous. A user having PR can change any document or alter the
database directly, and almost anything an administrator should be
allowed to do can be achieved without using PR.
And maybe we should have an API for listing the groups a user is in.
On 1/11/07, Esbach, Brandon < Esbachb(a)tycoelectronics.com
<mailto:Esbachb@tycoelectronics.com> > wrote:
Thanks Sergui, works perfectly when I make that change.
Odd thing, those classes were created quite some time before the
virtual wiki setup was implemented - would have thought they should not
be affected by that.
Almost a bug though: as an administrator, if I trust a user
sufficiently that I grant them admin rights to the virtual wiki, they
really should be able to do anything on that wiki, regardless of whether
they exist on the main wiki or not; might just be me though thinks that
way!
________________________________
From: Sergiu Dumitriu [mailto:sergiu.dumitriu@gmail.com]
Sent: 10 January 2007 20:10
To: xwiki-users(a)objectweb.org
Subject: Re: [xwiki-users] Virtual wiki's and groupmembership
(implemented on 0.9.840 due for upgrade to 1.0b2).
AFAIK:
The API you are using requires programming rights, and these
rights are only possible for users in the main wiki. Try this:
- Create an account on the main wiki, with an username that does
not exist in the other virtual wikis
- Grant Programming rights to that user
- Login with that user
- Edit and save the pages that list the users
Now it should work.
Sergiu Dumitriu
On 1/10/07, Esbach, Brandon <Esbachb(a)tycoelectronics.com> wrote:
Hi all,
Me again, this time with another groups/permission
issue.
On my wiki's I use
"$context.xWiki.groupService.listGroupsForUser($context.user,
$context.context))" to get a list of groups a user is a member of. This
has worked very well up until implementing a virtual wiki setup...since
implementing a virtual wiki setup, I've found the listGroupsForUser only
works for the main wiki (the one pointing to xwiki database), and not
for the "other" wiki's hanging on the same server.
The users are definitely regarded as being in the group
as a permission check works for the group (eg if only group ABC has
right EDIT for a space, the user is granted the right only if they are
in the group).
But, the listGroupsForUser always returns no groups,
even for XWiki.Admin - even though every user has at least one group.
Brandon Esbach
Software Engineer
M/A-Com Eurotec Operations
LoughMahon Technology Park,
Skehard Road,
Blackrock,
Cork, Ireland
Tel +353 21 4808305
--
You receive this message as a subscriber of the
xwiki-users(a)objectweb.org mailing list.
To unsubscribe: mailto:
xwiki-users-unsubscribe(a)objectweb.org
For general help: mailto: sympa(a)objectweb.org
<mailto:sympa@objectweb.org> ?subject=help
ObjectWeb mailing lists service home page:
http://www.objectweb.org/wws
--
You receive this message as a subscriber of the
xwiki-users(a)objectweb.org mailing list.
To unsubscribe: mailto: xwiki-users-unsubscribe(a)objectweb.org
For general help: mailto: sympa(a)objectweb.org
<mailto:sympa@objectweb.org> ?subject=help
ObjectWeb mailing lists service home page:
http://www.objectweb.org/wws