Context Navigation

Modify ↓

#3582 closed defect (invalid)

IncludeMacro shows pages with no permissions

Reported by:	petr.odut@…	Owned by:	Noah Kantrowitz
Priority:	normal	Component:	IncludeMacro
Severity:	critical	Keywords:
Cc:		Trac Release:	0.11

Description

With AuthzPolicy permission policy, I have set:

NotLogged@*? authenticated = anonymous = WIKI_VIEW

which causes to see page NotLogged only for anonymous users. But If I use IncludeMacro to include into other page, it does not respect the settings and use DefaultPermissionPolicy instead.

Attachments (0)

Change History (3)

comment:1 Changed 16 years ago by anonymous

this is the part of authzpolicy.conf file:

[wiki:NotLogged@*]
authenticated =
anonymous = WIKI_VIEW

comment:2 Changed 16 years ago by Noah Kantrowitz

Resolution:	→ invalid
Status:	new → closed

Permissions do not work that way. You cannot revoke permissions from lower down in the inheritance chain. All users are members of the anonymous group.

comment:3 Changed 16 years ago by petr.odut@…

I have tested this, so I know, it works like that! Nevertheless IncludeMacro ignores completely Authz permission policy, which is bad :-(

Modify Ticket

Change Properties

Summary:
Type:	Priority:
Component:	Severity:
Keywords:	Cc:	Set your email in Preferences
Trac Release:

Action

leave as closed The owner will remain Noah Kantrowitz.

reopen The resolution will be deleted. Next status will be 'reopened'.

Add Comment

Your email or username:

E-mail address and name can be saved in the Preferences.

You may use WikiFormatting here.

Attachments ↑ Description ↑

Note: See TracTickets for help on using tickets.

Download in other formats: