Rene wroteWhat is wrong with ACL?
Nothing is wrong with ACL per se. However, since higher permissions override lower ones, if groups/users have specific higher rights (e.g. Upload, Delete) granted for certain namespaces/pages, it's not possible to lock out everyone from every page using ACL without making lots of edits to ACL settings.
For example, consider this [very simple] example ACL setup:
*
@ALL[/m] has [m]Edit[/m] for [m]* namespace
*
Some.User[/m] has [m]Upload[/m] for [m]procedures:* namespace
If I want to set the whole wiki to read-only mode, it's not enough to switch
@ALL[/m] to [m]Read[/m], since [m]Some.User[/m] would still be able to make changes under [m]procedures:*, because higher permission levels override lower ones. Imagine an ACL with many entries, and the necessary ACL changes are quite a lot of work.
Am I missing something, or would this not be a good reason to want a simple cfg switch which simply disables editing by everyone?
Reason for looking at this today: the server on which the wiki lives is migrating to a new location, and I wanted to keep the wiki available for reference, but prevent edits which would otherwise be lost, since it's necessary to clone the existing setup at some point. I admit this is the first time I've wanted to find such a setting in 3+ years administering a well-used DokuWiki installation.
I suppose one way around this would be to back up
acl.auth.php[/m], remove all ACL settings except restricting all edits, and then restore [m]acl.auth.php when maintenance is complete.