History: Permission Management
Preview of version: 20
A profile would not be very useful if it could not grant rights appropriately for groups. Profiles allow to create groups and to modify the permissions of existing groups using a unified syntax.
The permissions block is a top level block.
Permissions can be set to specific objects as long as the ID is known or it was also created by a profile using Object References. The object type does not have to be supported by Tiki Profiles, but a static ID will have to be provided.
The permissions block is a top level block.
Example
Group Permissions Example
YAML
Copy to clipboard
permissions: Anonymous: allow: [ export_wiki ] Registered: description: Will be ignored because group is already created allow: [ edit, minor ] deny: [ export_wiki ] Moderators: description: Trusted users watching the recent changes to avoid spam allow: [ rollback ] include: [ Registered ]
Group Permissions and Object Permissions Example
YAML
Copy to clipboard
permissions: Anonymous: allow: [ export_wiki ] Registered: description: Will be ignored because group is already created allow: [ edit, minor ] deny: [ export_wiki ] Moderators: description: Trusted users watching the recent changes to avoid spam allow: [ rollback ] include: [ Registered ] objects: - type: forum id: $moderator_discussion_forum allow: [ forum_post, forum_post_topic, forum_read ]
Permissions can be set to specific objects as long as the ID is known or it was also created by a profile using Object References. The object type does not have to be supported by Tiki Profiles, but a static ID will have to be provided.
Group attributes
Unless mentioned otherwise, these attributes only apply on group creation| Field name | Mandatory | Value |
| description | Group description | |
| allow | List of permissions granted to the group. Permissions are as used in tikiwiki, except initial tiki_p_ is removed. Applies on existing groups. | |
| deny | Negative permissions. Same as allow. Applies on existing groups. | |
| include | Group name or list of included groups. Applies even if the group exists. Will replace the current list of included groups. | |
| objects | List of objects permissions. (see below) | |
| home | URL of the group home. | |
| theme | Default theme for members. | |
| user_signup | y or n, users can join this group themselves | |
| default_category | Category ID. | |
| user_tracker | Tracker ID. | |
| group_tracker | Tracker ID. | |
| registration_fields | List of tracker fields to display in the registration form. |
Object permissions
| Field name | Mandatory | Value |
| type | yes | Object type, as known in tikiwiki or profiles |
| id | yes | Object ID. |
| allow | Similar to group allow. | |
| deny | Similar to group deny |
Related tool
The YAML Camel for permissions.
You can use Page "PermissionManagement" does not exist to create (most of) the YAML markup you need to create a permissions profile. (Excel 2007)
You can use Page "PermissionManagement" does not exist to create (most of) the YAML markup you need to create a permissions profile. (Excel 2007)