History: Permission Management
Source of version: 19
Copy to clipboard
A profile would not be very useful if it could not grant rights appropriately for groups. Profiles allow to create groups and to modify the permissions of existing groups using a unified syntax.
The permissions block is a top level block.
^The YAML Camel for permissions.
You can use {file name="YAML Camel - Permissions.xlsx" page="PermissionManagement" desc="this spreadsheet"} to create (most of) the YAML markup you need to create a permissions profile. (Excel 2007)^
((TikiPress_MU)) - Multiple Bloggers,Teachers,Facilitators etc, working with registered participants,all managed by staff.
!Example
!!Group Permissions Example
{CODE(caption=>YAML,wrap=>1)}
permissions:
Anonymous:
allow: [ export_wiki ]
Registered:
description: Will be ignored because group is already created
allow: [ edit, minor ]
deny: [ export_wiki ]
Moderators:
description: Trusted users watching the recent changes to avoid spam
allow: [ rollback ]
include: [ Registered ]
{CODE}
!!Group Permissions and Object Permissions Example
{CODE(caption=>YAML,wrap=>1)}
permissions:
Anonymous:
allow: [ export_wiki ]
Registered:
description: Will be ignored because group is already created
allow: [ edit, minor ]
deny: [ export_wiki ]
Moderators:
description: Trusted users watching the recent changes to avoid spam
allow: [ rollback ]
include: [ Registered ]
objects:
-
type: forum
id: $moderator_discussion_forum
allow: [ forum_post, forum_post_topic, forum_read ]
{CODE}
Permissions can be set to specific objects as long as the ID is known or it was also created by a profile using ((Object References)). The object type does not have to be supported by Tiki Profiles, but a static ID will have to be provided.
!Group attributes
Unless mentioned otherwise, these attributes only apply on group creation
||__Field name__|__Mandatory__|__Value__
description| |Group description
allow| |List of permissions granted to the group. Permissions are as used in tikiwiki, except initial ''tiki_p_'' is removed. Applies on existing groups.
deny| |Negative permissions. Same as ''allow''. Applies on existing groups.
include| |Group name or list of included groups. Applies even if the group exists. Will replace the current list of included groups.
objects| |List of ''objects permissions''. (see below)
home| |URL of the group home.
theme| |Default theme for members.
user_signup| |y or n, users can join this group themselves
default_category| |Category ID.
user_tracker| |Tracker ID.
group_tracker| |Tracker ID.
registration_fields| |List of tracker fields to display in the registration form.
||
!Object permissions
||__Field name__|__Mandatory__|__Value__
type|yes|Object type, as known in tikiwiki or profiles
id|yes|Object ID.
allow| |Similar to group allow.
deny| |Similar to group deny
||