The PEAK Developers' Center   HelpOnConfiguration/SecurityPolicy UserPreferences
 
HelpContents Search Diffs Info Edit Subscribe XML Print View Up
The following 128 words could not be found in the dictionary of 50 words (including 50 LocalSpellingWords) and are highlighted below:
Add   An   Apache   Disable   Foot   If   It   Ls   Mechanics   Note   Permissions   Policy   Samples   Security   The   Then   This   able   actions   addition   admins   ag   against   allows   an   and   are   assign   at   available   base   basic   be   being   by   can   certain   changes   class   config   content   de   def   defaults   define   defined   delete   deleting   different   disable   dynamically   edit   editable   editing   edits   effect   enable   extra   for   form   from   get   have   https   implements   import   in   inherit   init   instance   interface   intra   is   it   key   main   make   mean   means   measure   module   most   net   new   no   not   notably   of   one   only   option   or   outside   over   own   password   people   permissions   pointing   policy   protected   protection   read   restrictions   rules   same   scheme   security   self   server   so   system   that   the   this   those   to   two   used   user   via   want   webapi   webde   when   work   you   your  

Clear message


SecurityPolicy is a config option that allows wiki admins to dynamically enable or disable certain key actions in a MoinMoin wiki, most notably editing and deleting content.

1 Mechanics

Security restrictions in a MoinMoin wiki work by the interface defined in the MoinMoin.security module. The Permissions class implements the basic interface for user permissions and system policy. If you want to define your own policy, inherit from that base class, so that when new permissions are defined, you get the defaults.

Then assign your new class to SecurityPolicy in moin_config; and I mean the class, not an instance of it!

2 Samples

2.1 Disable editing over HTTPS

This is used at [WWW]WEB.DE AG to make the main intra-net wiki available in read-only form via HTTPS. It's an extra security measure, in addition to password protection, against content changes from the outside. The same scheme can be used to have two different URLs pointing at the same wiki, and have only one of those URLs1 being able to edit the wiki. The net effect is that you have a read-only wiki editable only by certain people.

Add this to your moin_config.py:

# permissions 
import MoinMoin.security 
  
class SecurityPolicy(MoinMoin.security.Permissions): 
    def __init__(self, user): 
        MoinMoin.security.Permissions.__init__(self, user) 
  
        # no edits via https 
        from MoinMoin import webapi 
        self.edit = not webapi.isSSL() 
        self.delete = self.edit 

____
   1 An URL that is password-protected, by means of Apache server rules.
PythonPowered
EditText of this page (last modified 2002-12-12 16:06:09)
FindPage by browsing, title search , text search or an index
Or try one of these actions: AttachFile, DeletePage, LikePages, LocalSiteMap, SpellCheck