[Moin-user] account management without shell access?

Karl Auer kauer at biplane.com.au
Sat Jan 10 10:38:48 EST 2009 

On Sat, 2009-01-10 at 15:30 +0100, Thomas Waldmann wrote:
> > The perfect solution IMHO would be being able to apply ACLs to actions.
> 
> See there:
> http://moinmo.in/FeatureRequests/AclRefactoring

Thanks, I'll take a look at that.

> You have that "problem" only because you think you have to restrict
> account creation. You don't need that. Everybody can have an account.

Normally I would agree with you. But this particular wiki is for a
particular project, and only participants in the project are to be able
to contribute.

This is not my decision, by the way - my feeling is that anyone should
be able to contribute. However, the policy that only project
participants should be able to contribute is not entirely stupid, it's
just a different way of looking at things, and one way to keep the
"noise" down.

> Having an account gives you no permissions at all (ACLs do that).

Anyone can read stuff, even with no account. The only reason for having
an account, as far as I can tell, would be if someone wanted to
contribute. Is there any other reason to have an account? Letting people
have an account that they can't use doesn't make sense. It just pollutes
the namespace for participants unnecessarily.

> And you are not obliged to give permissions to "Known" in your ACLs.

True, but then I'm not sure I see the point of "knowing" them :-)

> If you want some concept of "authorized user", just use a group and give
> permissions to that group in your ACLs.

Again, why? Known="can contribute" other="read only". In my context,
there is no point in "other" having accounts at all - no point for me
and no point for them.

> (maybe we should add this to HelpOnAccessControlLists, this is a FAQ)

I think it is there - I certainly found some stuff on groups.

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/                  +61-428-957160 (mob)

GPG fingerprint: 07F3 1DF9 9D45 8BCD 7DD5 00CE 4A44 6A03 F43A 7DEF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://mail.python.org/pipermail/moin-user/attachments/20090111/b67e8ce1/attachment.sig>

More information about the Moin-user mailing list