From d66fc7acf17a094759fcea32617fa441e629ae37 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 21 Oct 2008 12:18:22 -0400 Subject: [PATCH] updated with new thoughts on user checking --- doc/todo/applydiff_plugin.mdwn | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/doc/todo/applydiff_plugin.mdwn b/doc/todo/applydiff_plugin.mdwn index b8ddcd6ce..3439196f2 100644 --- a/doc/todo/applydiff_plugin.mdwn +++ b/doc/todo/applydiff_plugin.mdwn @@ -69,13 +69,15 @@ Also see [[joey]]'s idea on [[users/xma/discussion]], to allow (filtered) anonym > and use `parse_diff_tree` to get a list of the files changed. Then it > could determine if the changes were allowed. > -> To do that, it should perhaps first look at what unix user received the +> To do that, it should first look at what unix user received the > commit. That could be mapped directly to an ikiwiki user. This would -> typically be an unprivelidged user, but you might also want to set up -> separate users who have fewer limits on what they can push. OTOH, I'm not -> sure how to get this info in an ikiwiki wrapper.. the real and effective -> gid are already trampled. So maybe leave this out and always treat it as -> an anonymous edit from a non-logged in user? +> typically be an unprivelidged user (that was set up just to allow +> anonymous pushes), but you might also want to set up +> separate users who have fewer limits on what they can push. And, of +> course, pushes from the main user, who owns the wiki, would not be +> checked at all. So, let's say `$config{usermap}` is a hash, something +> like `{usera => "wikiusera", userb => "wikiuserb"}`, and pushes from +> users not in the hash are not checked. > > Then it seems like it would want to call `check_canedit` to test if an > edit to each changed page is allowed. Might also want to call