TWiki Access Control
Controlling access on the SIte level
- To edit a topic a user will be asked to login using the CERN account
- Most TWiki transactions will require authentication except
views
on public pages.
Controlling access to a Web
We administrators can define restrictions on who is allowed to view or edit inside a TWiki web.
For ACLs you can use TWikiUsers, TWikiGroups and egroups. However
egroups is the preferred and CERN supported method.
- We administrators can define these settings in the WebPreferences topic, preferable towards the end of the topic:
-
Set DENYWEBVIEW = < comma-delimited list of Users and Groups >
-
Set ALLOWWEBVIEW = < comma-delimited list of Users and Groups >
-
Set DENYWEBCHANGE = < comma-delimited list of Users and Groups >
-
Set ALLOWWEBCHANGE = < comma-delimited list of Users and Groups >
-
Set DENYWEBRENAME = < comma-delimited list of Users and Groups >
-
Set ALLOWWEBRENAME = < comma-delimited list of Users and Groups >
- All new TWiki webs at CERN are created with the following settings:
-
Set DENYWEBVIEW = TWikiGuest
-
Set ALLOWWEBVIEW =
-
Set DENYWEBCHANGE = TWikiGuest
-
Set ALLOWWEBCHANGE = TWikiAdminGroup
-
Set DENYWEBRENAME = TWikiGuest
-
Set ALLOWWEBRENAME =
- The web administrators are responsible for these settings.
Controlling access to a Topic
- Users can define these settings in any topic, preferable towards the end of the topic:
-
Set DENYTOPICVIEW = < comma-delimited list of Users and Groups >
-
Set ALLOWTOPICVIEW = < comma-delimited list of Users and Groups >
-
Set DENYTOPICCHANGE = < comma-delimited list of Users and Groups >
-
Set ALLOWTOPICCHANGE = < comma-delimited list of Users and Groups >
-
Set DENYTOPICRENAME = < comma-delimited list of Users and Groups >
-
Set ALLOWTOPICRENAME = < comma-delimited list of Users and Groups >
- For example, set this to restrict a topic to be viewable only by the user JohnDoe:
-
Set ALLOWTOPICVIEW = Main.JohnDoe
For more details information see
TWikiAccessControl
PeterJones - 2016-11-18