22 Nov
2003
22 Nov
'03
2:37 p.m.
Hi
I would like to disallow the unser 'anonymous' to view the contents of a
certain folder X while at the same time create a general user (with a
password) which has the rights of the user 'anonymous' and is allowed
to view and edit the folder X.
What do I already know?
server user inspect
gives me a dictionary of the users (instances of SWUser)
The testcase
SWSecurityTests setup
shows how to create a couple of permissions and to assign
them to a role. Then a user is created and the role added.
What I do not know is how to do the link between a user (and his
role) and a certain folder.
I would like to know as well how to access the permissions of a certain
folder.
server root permissions
does not work.
Thank you for the answer in advance
Hannes
22 Nov
22 Nov
2:54 p.m.
Hi Hannes,
I would like to disallow the unser 'anonymous'
to view the contents of
a certain folder X while at the same time create a general user (with
a password) which has the rights of the user 'anonymous' and is
allowed
to view and edit the folder X.
What do I already know?
server user inspect
go into the user 'anonymous' and inspect its role. Inside this role you
should see the permission to edit a page, remove it. The admin, when
logging in, is of course still able to edit a page.
What I do not know is how to do the link between a
user (and his
role) and a certain folder.
Some time ago I posted some general information about the security
framework, this is a repost and should answer you question, I hope:
The class diagram looks like this:
SecurityInformation
A
|
+-----------------------+--------------------------+
| | |
| | |
User (1) -------> (1..) Role (1) -------> (1..) Permission
Users are defined in the server class. Existing roles are just the
union of all roles assigned to all the users in the system. The
comparison #= of Roles and Permission is done using their name.
When processing a query, e.g. /a/b?action=MyAction, the following
actions are taken:
- The server is looking for a username and password given in the
request header. The username is looked-up in the server and checked if
the password matches, if so a copy of that user is assigned to the
current request. If there is no authentication given or if the
authentication does not match, the anonymous-user is assigned
automatically.
- As you know, the chain-of-responsibilities is started and the
request is passed to the root structure. Every structure has the
possibility to redefine roles. If there is the role X defined in the
root folder and the user of the current request has got the role X
defined too, then the role of the user is replaced with the role of
the structure. This happens for all the roles of the user, if there
are any redefinition in the structure.
- It is important to understand that during processing there are roles
added or removed from the user, existing roles are just replaced with
roles having the same name but contain different permissions.
- The request with the updated user is then passed to next child
within the chain, etc.
- At the of the chain the given action (if there is nothing given, the
default action will be executed) is execute. By default actions have
the possibility to override the message #executePermission to assert
the permissions the user needs to execute it. If such an an permission
fails, the actions is aborted and error action is executed instead.
--
Lukas Renggli
http://renggli.freezope.org
Now the structure itself is not involved, this
means that if I want
to have a special page that only a certain person can edit but
everybody else cannot I have to create a special role for that. Am I
correct? Or is it possible to grant permission at the instance level
like a page?
Just define the anonymous role in that structure without the
edit-permissions.
Hope that helps,
Lukas
4:13 p.m.
Hello Lukas
Thank you for your answer.
It is on one side a confirmation and I think I understand the security
model in general.
A helpful hints for me in your last mail was the following:
To disallow the unser 'anonymous' to edit anything I do
server root inspect
and then
go into the user 'anonymous' and inspect its
role. Inside this role you
should see the permission to edit a page, remove it.
This applies to all folders and all pages.
However I still do not understand the issue on the level of the folders
/ structures.
>> Now the structure itself is not involved, this
means that if I want
>> to have a special page that only a certain person can edit but
>> everybody else cannot I have to create a special role for that. Am I
>> correct? Or is it possible to grant permission at the instance level
>> like a page?
>
>
> Just define the anonymous role in that structure without the
> edit-permissions.
>
Let's say I have a root folder and four subfolders
Cam
history
language
socialanthropology
glossary
I do not want to allow user 'anonymous' to enter and view the contents
of the four subfolders. How do I do that?
Regards
Hannes
8:13 p.m.
Hi Hannes,
However I still do not understand the issue on the
level of the
folders / structures.
Basically you define the roles and their global permissions in the
server. If history, language, ... are the only folders in your wiki,
you might want to adjust the global role of 'anonymous' by removing the
permission to view folders, pages and resources.
" fetch the default role of anonymous "
role := server roles
detect: [ :each | each name = 'anonymous' ].
" remove the permissions we don't want to give "
role remove: Page permissionView.
role remove: Folder permissionView.
role remove: Resource permissionView.
The result will be that the login-dialog will pop-up immediately when
browsing to any site of the wiki.
However, more advanced use of the SmallWiki security framework allows a
much finer control of permissions: If you want to look all the pages
for anonymous people, you have to redefine the anonymous role just in
those folders that should be protected. To give an example, I take your
configuration and show how to disable viewing for anonymous users for
those folder and all its children, but not for the root folder and
other content of the wiki:
" get a copy (!) of the default role of anonymous, so we don't
have to put together all the permissions from scratch "
role := server roles
detect: [ :each | each name = 'anonymous' ].
role := role copy.
" adjust the permissions "
role remove: Page permissionView.
role remove: Folder permissionView.
role remove: Resource permissionView.
" apply the role to all the folders we want to protect, this
will override the global role defined in the server "
folder := server root at: 'history'.
folder roles: (Array with: role).
folder := server root at: 'language'.
folder roles: (Array with: role).
...
David Vogel <vogel(a)iamexwi.unibe.ch> is currently working on a
web-interface to manage all the security related settings. Ask him if
you need further information or want to try his interface.
Hope that helps,
Lukas
--
Lukas Renggli
http://renggli.freezope.org
>> Now the structure itself is not involved,
this means that if I want
>> to have a special page that only a certain person can edit but
>> everybody else cannot I have to create a special role for that. Am
>> I correct? Or is it possible to grant permission at the instance
>> level like a page?
>
> Just define the anonymous role in that structure without the
> edit-permissions.
Let's say I have a root folder and four subfolders
Cam
history
language
socialanthropology
glossary
I do not want to allow user 'anonymous' to enter and view the contents
of the four subfolders. How do I do that?
7461
days inactive
7461
days old
3 comments
2 participants
participants (2)
-
Hannes Hirzel -
Lukas Renggli