Edgewall Software
Modify

Opened 12 years ago

Closed 12 years ago

Last modified 12 years ago

#3005 closed defect (invalid)

Fine grained permissions don't work on wiki

Reported by: mark@… Owned by: Jonas Borgström
Priority: normal Milestone:
Component: general Version: 0.9.4
Severity: normal Keywords:
Cc:
Release Notes:
API Changes:

Description

testcase

Create a page, let's say mogg. This page shall only be visible to two users…

# excerpt of trac.ini
[trac]
authz_file = /var/lib/trac/test/conf/authz.conf
# authz.conf
[/]
* = r

[/wiki/mogg]
* =
mark = rw
work = r

expected behaviour

Anonymous cannot view that page.

actual behaviour

Anonymous is able to view that page, too.

notes

  • Setting authz_module_name does not change anything.
  • Neither [mogg] nor [/mogg] nor [/wiki/mogg] nor any equivalent with module-name works.
  • I've restarted apache between every run.

Attachments (0)

Change History (3)

comment:1 Changed 12 years ago by Emmanuel Blot

Resolution: invalid
Status: newclosed

FineGrainedPermissions only apply to repository files, not to Wiki pages.

Use TracPermissions (trac-admin or WebAdmin plugin) to define access rights to Wiki page (per-page permissions is not available for wiki pages)

comment:2 Changed 12 years ago by coderanger

What you are looking for is the WikiRbacPatch on trac-hacks.org

comment:3 Changed 12 years ago by mark@…

Summary: Fine grained permission don't work (security hole)Fine grained permissions don't work on wiki

You're right. I've mixed these two RBAC things up due to the similiarity in names.

Please accept my apologies.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Jonas Borgström.
The resolution will be deleted.
to The owner will be changed from Jonas Borgström to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.