Context Navigation

Modify ↓

#3005 closed defect (invalid)

Fine grained permissions don't work on wiki

Reported by:	mark@…	Owned by:	Jonas Borgström
Priority:	normal	Milestone:
Component:	general	Version:	0.9.4
Severity:	normal	Keywords:
Cc:		Branch:
Release Notes:
API Changes:
Internal Changes:

Description

testcase

Create a page, let's say mogg. This page shall only be visible to two users…

# excerpt of trac.ini
[trac]
authz_file = /var/lib/trac/test/conf/authz.conf

# authz.conf
[/]
* = r

[/wiki/mogg]
* =
mark = rw
work = r

expected behaviour

Anonymous cannot view that page.

actual behaviour

Anonymous is able to view that page, too.

notes

Setting authz_module_name does not change anything.
Neither [mogg] nor [/mogg] nor [/wiki/mogg] nor any equivalent with module-name works.
I've restarted apache between every run.

Attachments (0)

Change History (3)

comment:1 by Emmanuel Blot, 20 years ago

Resolution:	→ invalid
Status:	new → closed

FineGrainedPermissions only apply to repository files, not to Wiki pages.

Use TracPermissions (trac-admin or WebAdmin plugin) to define access rights to Wiki page (per-page permissions is not available for wiki pages)

comment:2 by coderanger, 20 years ago

What you are looking for is the WikiRbacPatch on trac-hacks.org

comment:3 by mark@…, 20 years ago

Summary:	Fine grained permission don't work (security hole) → Fine grained permissions don't work on wiki

You're right. I've mixed these two RBAC things up due to the similiarity in names.

Please accept my apologies.

Modify Ticket

Change Properties

Summary:
Description:	== testcase == Create a page, let's say {{{mogg}}}. This page shall only be visible to two users... {{{ # excerpt of trac.ini [trac] authz_file = /var/lib/trac/test/conf/authz.conf }}} {{{ # authz.conf [/] * = r [/wiki/mogg] * = mark = rw work = r }}} == expected behaviour == Anonymous cannot view that page. == actual behaviour == Anonymous is able to view that page, too. == notes == * Setting {{{authz_module_name}}} does not change anything. * Neither {{{[mogg]}}} nor {{{[/mogg]}}} nor {{{[/wiki/mogg]}}} nor any equivalent with module-name works. * I've restarted apache between every run. You may use WikiFormatting here.
Type:		Priority:
Milestone:		Component:
Version:		Severity:
Keywords:		Cc:	Set your email in Preferences
Branch:
Release Notes:
API Changes:
Internal Changes:

Action

leave as closed The owner will remain Jonas Borgström.

reopen The resolution will be deleted. Next status will be 'reopened'.

change ownership to The owner will be changed from Jonas Borgström to the specified user.

Add Comment

Your email or username:

E-mail address and name can be saved in the Preferences .

You may use WikiFormatting here.

Attachments ↑ Description ↑

Note: See TracTickets for help on using tickets.

Download in other formats: