Hi, got two ideas for features that I find extremely usefull and needed.
1. Better wildcards in acl.auth.php
It would be just amazing to be able to write:
*!: @users 1 # means all 1-level pages
*:adminspace* @users 0 # means 'adminspace' subpage of all namespaces, and all subpages of it
*!:userspace!: @users 31 # means 'userspace' subpage of any 1-level page
("!:" stands for something like "there must be : and it must be the nearest :")
OR
#: @users 1 # means all 1-level pages
*:adminspace:% @users 0 # means 'adminspace' subpage of all namespaces, and all subpages of it
#:userspace!: @users 31 # means 'userspace' subpage of any 1-level page
("#" stands for one 'any' level, "*" for multiple 'any' levels, "%" stands for 'previous level and any sublevels')
instead of: (just an imaginary sample, just think of what I am saying as a feature idea, not a plea for
this situation resolvement)
aaa @users 1
bbb @users 1
ccc @users 1
aaa:userspace @users 31
aaa:adminspace @users 0
aaa:adminspace:* @users 0
bbb:userspace @users 31
bbb:adminspace @users 0
bbb:adminspace:* @users 0
ccc:userspace @users 31
ccc:adminspace @users 0
ccc:adminspace:* @users 0
ccc:test:adminspace @users 0
ccc:test:adminspace:* @users 0
ccc:abcd:adminspace @users 0
ccc:abcd:adminspace:* @users 0
2. Groups of groups
It would be fantastic to be able to define groups of groups.
Why?
In a very complex wiki with a very complex structure and some complicated branches, wiki ACL syntax is hard to maintain.
In such case it gets easier to use Group concept just to cover every single wiki branch that needs separate access controll, like (simplified):
acl.auth:
---------
aaa @aaa 1
aaa:* @aaa 31
bbb @bbb 1
bbb:* @bbb 31
ccc @ccc 1
ccc:* @ccc 31
ddd @ddd 1
ddd:* @ddd 31
eee @eee 1
eee:* @eee 31
users.auth:
-----------
user1:aaa,bbb
user2:aaa,bbb,ccc
user3:bbb,eee
user4:bbb,eee
user5:bbb,eee
user6:aaa,bbb,eee
user7:ccc
user8:aaa,bbb,ccc,ddd,eee
...but if you have - again - VERY complicated wiki, you end up with sth like:
some_better_user:aaa,bbb,ccc,ddd,eee,fff,ggg,iii,jjj,kkk # notice no 'hhh'
And if you have a lot of users with simmilar access, it would be just damn great to have:
users.auth:
-----------
@network:aaa,bbb
@servers:bbb,eee
@acounting:ddd
@management:aaa,bbb,ccc,ddd,eee
user1:network
user2:network,ccc
user3:servers
user4:servers
user5:servers
user6:network,servers
user7:accounting
user8:management