You are here: Foswiki>Tasks Web>Item14144 (22 Aug 2016, GeorgeClark)Edit Attach

Item14144: WebPermissionsPlugin is confusing, duplicates permissions in Meta settings.

pencil
Priority: Normal
Current State: Confirmed
Released In: n/a
Target Release: n/a
Applies To: Extension
Component: WebPermissionsPlugin
Branches:
Reported By: IvanDebono
Waiting For:
Last Change By: GeorgeClark
First of all, the WebPermissions plugin messed up my site's ACL. Saving and/or changing of individual permissions are not saved properly or not saved at all.

Secondly, I'm trying to restore the site's permissions by comparing a clean install with my current messed up permissions.

As an example, the SitePermissions are being set up like this by editing the WebPreferences topic. (This should reflect a clean install of Foswiki).

Set DENYWEBVIEW =
Set ALLOWWEBVIEW =
Set DENYWEBCHANGE = WikiGuest
Set ALLOWWEBCHANGE =
Set DENYWEBRENAME = WikiGuest
Set ALLOWWEBRENAME =

After saving the above changes, the permissions listed in SitePermissions for the above look like this:

Web Sitemap Listed View Deny Allow Change Deny Allow Rename Deny Allow
Main on ProjectContributor, UnknownUser, BaseGroup, NobodyGroup, MyGroup   WikiGuest RegistrationAgent, AdminUser, AnotherGroup, FirstUser, SecondUser, ThirdUse WikiGuest  

Can some please explain why there is a difference between what I want to set and what is actually being set?

Furthermore, what is the different between not set and a empty?

-- IvanDebono - 15 Aug 2016

Not set means that the setting is undefined. ( Set statement does not appear, or is commented, like:
  • #Set SOMESETTING = Foo
Empty means that it is set, but has no value.
  • Set SOMESETTING =
On Access Control statements, an Empty setting had special meaning on older versions of Foswiki. Setting DENY to empty was the equivalent of "Allow all" ie. Deny nothing. That usage is deprecated in the latest Foswiki versions, as we now have an allow wildcard - the Asterisk, Set ALLOW... = *

In terms of the odd behavior, please check the meta settings of the topic. Under more_topic_actions menu, see the "Edit preference settings".

Note that you should also be able to restore back to the original version of the topic ... restore revision 1, which is another feature under the more topic actions menu.

I'll mark this task against the WebPermissionsPlugin. That's a really old plugin and it may need some review and updates.

-- GeorgeClark - 15 Aug 2016

One more thing. The old WebPermissionsPlugin does not work on Foswiki 1.1.x (and 2.0.x as well). It's noted in the compatibility comments on that plugin. Unfortunately we don't have any mechanism in Configure to hide extensions that are not compatible.

-- GeorgeClark - 15 Aug 2016

So if the default value is 'not set', what value should I use when restoring the permission?

-- IvanDebono - 15 Aug 2016

This is the raw file we shipped with Foswiki 2.1.2

https://github.com/foswiki/distro/blob/cf13c7ddb703140c799c23cd79a357cc7e8f90d2/core/data/Main/WebPreferences.txt

You can view your current raw file on the server by adding ?raw=all to the URL, for ex: https://foswiki.org/Main/WebPreferences?raw=all

-- GeorgeClark - 15 Aug 2016

I installed and tested the WebPermissionsPlugin and see what's probably going on.

Settings in Foswiki topics can be stored in two ways:
  1. As bullets (3-spaces asterisk Set SOMESETTING=value
  2. As Meta settings, which are not visible except from the settings editor, or the "raw=all" view.

The WebPermissionsPlugin makes it's settings in the "Meta" settings which silently override any topic bullet style settings. So to remove these settings
  • Visit the topic in question
  • Click "more topic actions" from the menu in the bottom of the page
  • Scroll down a bit, find the heading Edit topic preference settings and click the "Edit settings for this topic" button
That will take you to an editor that appears to show * Bullet style settings, but they are actually saved in the topic Meta. Remove those settings to re-activate the in-line topic based settings.

-- GeorgeClark - 15 Aug 2016

This solves the problem.

-- IvanDebono - 16 Aug 2016

Re-opening this task. The plugin at least needs a warning that it is maintaining permissions in the meta settings which overrides any inline settings.

-- GeorgeClark - 22 Aug 2016
 

ItemTemplate edit

Summary WebPermissionsPlugin is confusing, duplicates permissions in Meta settings.
ReportedBy IvanDebono
Codebase trunk
SVN Range
AppliesTo Extension
Component WebPermissionsPlugin
Priority Normal
CurrentState Confirmed
WaitingFor
Checkins
TargetRelease n/a
ReleasedIn n/a
CheckinsOnBranches
trunkCheckins
masterCheckins
ItemBranchCheckins
Release02x01Checkins
Release02x00Checkins
Release01x01Checkins
Topic revision: r7 - 22 Aug 2016, GeorgeClark
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy