I've just tracked down a problem that I was having with a statement like: (:if auth upload {$PAGE}:)
I presume (and I could be wrong) that this is supposed to test if the user has the authority to upload to page {$PAGE}. It turns out that auth calls CondAuth, which (among other things) tests $AuthCascade, but it completely ignores $HandleAuth. In my config.php, I have the lines: $DefaultPasswords['admin'] = '@admins'; $DefaultPasswords['edit'] = '@editors'; # Anyone with edit rights also has upload rights. $HandleAuth['upload'] = 'edit'; So, although the standard (:if auth upload:) is false, I can, in fact, do an ?action=upload, and it will work. I fixed it by redefining auth as follows: # redefine 'auth' so it cares about $HandleAuth $Conditions['auth'] = 'NoCache(CondAuth2($pagename, $condparm))'; function CondAuth2($pagename, $condparm) { global $HandleAuth; @list($level, $pn) = explode(' ', $condparm, 2); $level = array_key_exists($level,$HandleAuth) ? $HandleAuth[$level] : $level; $pn = ($pn > '') ? MakePageName($pagename, $pn) : $pagename; msg("lvl=$level, ha=$HandleAuth[$level], pn=$pn"); return (boolean)RetrieveAuthPage($pn, $level, false, READPAGE_CURRENT); } And now everything works as I expected. So, did I find and fix a bug, or did I just mess things up in some subtle way that I don't yet understand? _______________________________________________ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users