id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc,branch,changelog,apichanges,internalchanges 6680,The authz_policy.py sample is only a *sample*,alristico@…,Christian Boos,"I had some trouble with setting up a policy where the anonymous user could see only the front page of the wiki (wiki/WikiStart), but not the rest of the wiki without further authorisation through logging in. I used the [source:trunk/sample-plugins/permissions/authz_policy.py authz_policy.py] and had the following in the associated authz file: {{{ [groups] superdevs = me [wiki:WikiStart] anonymous = WIKI_VIEW [wiki:*] anonymous = [*] @superdevs = TRAC_ADMIN anonymous = MILESTONE_VIEW, ROADMAP_VIEW, TIMELINE_VIEW }}} According to the docs in the authz_policy.py file, order of the directives mattered. The first directive should have allowed anonymous visitors access to the front page, while the second directive dissallowed anonymous browsing of the rest of the wiki. Instead, this resulted in an error: {{{No handler matched request to /wiki/WikiStart}}} I talked to ""aat"" on the IRC channel and he came up with the following: {{{ the issue is that trac checks for access to AT LEAST ONE resource in a realm by just checking if the user has the permission on }}} ""aat"" also provided a patch and stated that he would try and come up with something better soon. Everyone seems to agree that someone should create a trac hack out of this. Anyone out there have copious amounts of free time for that?",defect,closed,normal,0.12,admin/console,0.11b1,normal,fixed,authzpolicy TracPermissions TracFineGrainedPermissions perdirectory,conny@… leho@…,,,,