Hi Paul, On Thu, Dec 9, 2010 at 02:28, Paul Harris <harris...@gmail.com> wrote:
> On 9 December 2010 09:21, Paul Harris <harris...@gmail.com> wrote: > > > Hi again, > > > > I wanted to protect my "Website Admin" from any non-admins, > > So I edited the Rights to that space, and clicked the 'View' button on > > 'XWikiAllGroup' until it was a red cross. > > Then I checked in the other webbrowser (logged in as a regular user), and > > sure enough, I couldn't view the page. > > > > However, I then went to this address: > > http://domain.com/xwiki/edit/Website+Admin/ > > and the regular user was able to edit the page! which also includes a > > 'Preview' button, which shows them a View! > > > > not good. > > > > > After I removed ALL the rights to the AllUsers group, I noticed that > unregistered users are able to view the space. > > What happens when I add more groups to the wiki, will those users be able > to > view the space? Or will they be covered by AllUsers? > > I don't find this intuitive... I haven't thought this through, but I > would've preferred to be able to switch OFF all rights, and then switch on > the rights to the users/groups I want to edit. At the moment there are a > few places where you could accidentally leave access open to spaces that > should not be open. > There is a way to achieve this. In your wiki's administration, give all rights (green checkmark) only to the XWiki.XWikikiAdminGroup . Leave all other boxes blank. In practice, this will deny all rights to anyone on the wiki but for the admin group. Then you can add rights iteratively from there. Guillaume > thanks > Paul > _______________________________________________ > users mailing list > users@xwiki.org > http://lists.xwiki.org/mailman/listinfo/users > _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
