Access Control ListsAlso available in Deutsch[link1], Español[link2], Française[link3], Русский[link4], Polski[link5], 简体中文[link6]
1. Access rightsEvery page has five access control lists (ACLs),
upload, which can be modified by the page owner (usually the user who created the page).
readdefines who is allowed to view the page,
writedefines who is allowed to edit it, and
commentdefines who is allowed to attach comments.
All ACLs are plain text lists containing a number of user names or the
*placeholder representing "everyone". Entries can be inverted by appending them with an exclamation mark. For example, while
*means "everybody has access",
!*means "nobody has access". The exclamation mark modifier works with user names, too, of course.
An empty list implies "nobody has access". For example, if the
writeACL only contains the line
SomeGuy, only the SomeGuy user has access, but no one else. If it contains a line with
*and another line with
!SomeGuy, it means everybody has access except SomeGuy.
uploadACLs are available for every page on the site; Custom page handlers can introduce extra ACLs as needed.
In WackoWiki you can edit the ACL for every page.
an ACL consists of the following permissions
| ||everyone is allowed|
| ||only registered users|
| ||a preceding exclamation mark denies the respective right|
| ||names of allowed users|
| ||names of allowed usergroup (alias)|
| ||only the page owner has access|
2. InheritanceAccess rights are inherited. In other words, if you create a new page below an existing (i.e. a child page), this new page will have the same access rights as the parent document for it. Inheritance happens when you create a page, and in consequence the rights of the child or the parent documents can be changed without detriment to each other.
One exception to the inheritance rules is the right to edit the document, which is inherited from the ACL on the creation of sub-pages. That is, for example, if you create sub-pages below this can only Boris and Anna, then, by creating sub-pages, only they will be able to edit it.
3. GroupsGroups can be administered via the Admin panel[link7].
WackoWiki supports groups of users (aliases). Only site administrator can create and edit aliases.
Names of aliases are case independent.
Alias Admins is special. All of its members are admins, and, for example, can delete or rename any page.
4. DefaultsAfter installing the default value for every action is set as defined in config_default.php.
To change the default ACL settings, go to the Settings -> Permissions section in the Admin panel[link7].
The defaults are stored in
eg: if you want only registered users to be able to edit a page change the default values to:
'default_read_acl' => '*', 'default_write_acl' => '$', 'default_comment_acl' => '$', 'default_create_acl' => '$', 'default_upload_acl' => 'Admins',
NoteChanging the defaults will only affect new created pages.
Pages which were created before changing the defaults will keep their original ACL.
If you want to change all acls you could do it with a simple sql query:
UPDATE wacko_acl SET list = "$" WHERE privilege = "write";
If some of the acl's have been set to specific users, it will be better to only update those pages where write privileges are currently set to 'allow all'
UPDATE wacko_acl SET list = '$' WHERE privilege = 'write' AND list = '*';
5.1. Protective measures
- Only assign rights that are really necessary.
- Security settings
5.2. UseWiki -> Cluster -> Page
Anyone can read and write in this wiki without registering. Typically installed on the intranet.
Only registered users can write here. Anyone can post comments.
Anyone can read in this wiki, but only users who have registered in the wiki are allowed to write.
Only members of the cluster can read and write in a private wiki. If you want to participate in a private wiki, the administrator / owner must activate you.