Hi All!
I would to set up a system where each page has an owner. This owner can then assign access rights to the page. In the first phase, all I really want is that the owner can specify who can edit the page. In fact, for the start, it could be as simply as an on-off switch where editing it allowed or not.
The first thing that comes to mind is a new data table (I am not happy with the idea of editing existing tables). The table could have fields like this:
ownerID:pageID:edit_on
Where ownerID is the userID of the owner and edit_on is either 0 or 1. Expanding this idea, I could have:
ownerID:pageID:AuthorID:privileges
Where AuthorID is another UserID and privileges is simply a bitmap (a la UNIX chmod) which indicates what the AuthorCan do to the page (read, edit, delete?).
I would prefer not to reinvent the wheel. So, if a mechanism exists aleady that is even close to that functionality, I would really appreaciate a shove in the right direction.
Regards,
jimmo
James Mohr wrote:
I would to set up a system where each page has an owner. This owner can then assign access rights to the page.
I would highly recommend against trying to use MediaWiki as a base for this sort of permissions system. It will be a lot of work and will probably have security holes.
I strongly, strongly, strongly recommend first looking for a wiki or CMS which supports your requirements before you throw away a lot of effort trying to bend MediaWiki into something it's not.
-- brion vibber (brion @ pobox.com)
On Thursday 07 September 2006 13:07, Brion Vibber wrote:
James Mohr wrote:
I would to set up a system where each page has an owner. This owner can then assign access rights to the page.
I would highly recommend against trying to use MediaWiki as a base for this sort of permissions system. It will be a lot of work and will probably have security holes.
I strongly, strongly, strongly recommend first looking for a wiki or CMS which supports your requirements before you throw away a lot of effort trying to bend MediaWiki into something it's not.
-- brion vibber (brion @ pobox.com)
Hi Brion!
Coming from you, that recommendation definately means a lot and it is definately something to consider. On the other hand, it is always nice to limit the number of systems/software packages one has to administer. It might be worth staying with a single wiki/CMS system and to say right up front that only the owner of the page can edit it, thus limiting and potential holes (i.e. if ( UserID = OwnerID) then ...). However, it is definately food for thought.
Another thing to consider is that open source projects allow you to bend them into something they're not, or at least something that wasn't planned for at the outset. That's one of the really nice things about open source.
Regards,
jimmo
James,
Why would you need to implement this kind of solution in the software?
In our wiki we have pages, which are usually edited by just one or a few people, but we do this simply out of agreement - just like it's consensus not to edit other people's userpages on Wikipedia. Sometimes the best solutions are the ones where the technical stuff doesn't get in the way. I find wikis to be so strong (contrary to most CMS-systems), because it relies so heavily on trusting users to figure out not just to input the content of the wiki, but also to figure out amongst themselves, collaboratively, how to organize the content, along the way as they go.
Just my 2 cents.
Best wishes, Morten http://morten.crewscut.com morten@crewscut.com
----- Original Message ----- From: "James Mohr" mediawiki@jimmo.com To: mediawiki-l@wikimedia.org Sent: Friday, September 08, 2006 5:37 AM Subject: Re: [Mediawiki-l] How to set up page owners
On Thursday 07 September 2006 13:07, Brion Vibber wrote:
James Mohr wrote:
I would to set up a system where each page has an owner. This owner can then assign access rights to the page.
I would highly recommend against trying to use MediaWiki as a base for this sort of permissions system. It will be a lot of work and will probably have security holes.
I strongly, strongly, strongly recommend first looking for a wiki or CMS which supports your requirements before you throw away a lot of effort trying to bend MediaWiki into something it's not.
-- brion vibber (brion @ pobox.com)
Hi Brion!
Coming from you, that recommendation definately means a lot and it is definately something to consider. On the other hand, it is always nice to limit the number of systems/software packages one has to administer. It might be worth staying with a single wiki/CMS system and to say right up front that only the owner of the page can edit it, thus limiting and potential holes (i.e. if ( UserID = OwnerID) then ...). However, it is definately food for thought.
Another thing to consider is that open source projects allow you to bend them into something they're not, or at least something that wasn't planned for at the outset. That's one of the really nice things about open source.
Regards,
jimmo
--
"Be more concerned with your character than with your reputation. Your character is what you really are while your reputation is merely what others think you are." -- John Wooden
Be sure to visit the Linux Tutorial: http://www.linux-tutorial.info _______________________________________________ MediaWiki-l mailing list MediaWiki-l@Wikimedia.org http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
On Friday 08 September 2006 01:13, Morten Blaabjerg wrote:
James,
Why would you need to implement this kind of solution in the software?
In our wiki we have pages, which are usually edited by just one or a few people, but we do this simply out of agreement - just like it's consensus not to edit other people's userpages on Wikipedia. Sometimes the best solutions are the ones where the technical stuff doesn't get in the way. I find wikis to be so strong (contrary to most CMS-systems), because it relies so heavily on trusting users to figure out not just to input the content of the wiki, but also to figure out amongst themselves, collaboratively, how to organize the content, along the way as they go.
Just my 2 cents.
Best wishes, Morten http://morten.crewscut.com morten@crewscut.com
Hmmmmmm.......
I guess its kinda like netiquette in a mailing list. There are no security measures to prevent people from insulting each other or being overly obnoxious. If you do, you might get a warning or if it is really bad you get tossed from the list.
You can easily set the wiki so that only registered users can edit pages, thus you know who made a specific change. If they choose not to follow the site's rules they get tossed.
That seems to solve both problems. First, I would prefer not to use a different Wiki/CMS system. Second, you don't have "random" edits. (Well, at least not as many)
Hmmmmmm.......
Regards,
jimmo
I would to set up a system where each page has an owner. This owner can then assign access rights to the page. In the first phase, all I really want is that the owner can specify who can edit the page. In fact, for the start, it could be as simply as an on-off switch where editing it allowed or not.
I think you can hack this patch (http://meta.wikimedia.org/wiki/Page_access_restriction_with_MediaWiki) to achieve that. But sure dokuwiki, for example, has a better security model for that ->http://opensourcecms.com/
Jejc.
mediawiki-l@lists.wikimedia.org