fluzz
Hi.
I would like to define an ACL that way (this is just an exemple), 'thisuser' being in the group 'mygroup' :
oneNS.* @mygroup 1
oneNS.* thisuser 0
The idea is to restrict the rights of a given user in a given namespace.
I use htaccess authentication, and with this auth backend all users are in a common group (here, it is 'mygroup'), automatically added by the htaccess backend. Thus, there is no way, I think, to remove 'thisuser' from 'mygroup'.
I looked at inc/auth.php. There is no precedence of user's acls to group's acls.
So, is there a way to do what I need, or do I need to patch inc/auth.php ?
Shouldn't user acls be more restrictive than group acls ?
fluzz
Yes I know, and that's exactly my problem. The htaccess auth backend automatically add all users in a default group.
I wrote a patch, so that this default group is not added when a user is declared in the users.auth.php configuration file.
This way, all users can be authenticated by htaccess but the group membership is defined in dokuwiki, and if a user is
not declared in dokuwiki, then he gets a default group.
I think that this is more coherent with the user management 'philosophy' of dokuwiki.