On Mon, December 17, 2007 1:33 pm, ThomasP wrote:
> ...
>
> For the level 'attr', I just noticed that at the moment it's "hardwired"
> denied, but it's sufficient to uncomment the line in userauth2.php
> containing the word "frequently" to get this part already resolved. (This
> will just grant 'attr' queries exactly to the admin only.)
>
> For the zap level, looking into zap.php shows the "guilty" line as
>
> if(!CondAuth($pagename, "zap")) ZAPabort('submit', "You are not authorized
> to submit this form. ");
>
> As to what Dan said, it can obviously be allowed to anyone without
> problems, so if you set
>
> $UA2AlwaysAllowedLevels[] = 'zap';
> $HandleAuth['zap'] = 'zap'; // this line currently only
>
> in your local/config.php, it should be fine.
>As actually all additional settings are generally useful, I have put them directly in the UA2 distribution. In particular I have introcuced a new variable $UA2DenyAttrLevel which when set to false will allow the "attr" level (and thus access to the attr pages) to the wiki admin. (Default is true, which denies "attr" to anyone.) The previous config recommendations will thus be replacable by $UA2DenyAttrLevel = false; starting from version 2.1-beta1. ThomasP _______________________________________________ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
