9 |
(like <a href="notify.html">notify on change</a>) |
(like <a href="notify.html">notify on change</a>) |
10 |
</p> |
</p> |
11 |
|
|
12 |
|
<p>For each path (which can be file or directory) all trustees are |
13 |
|
evaluated. However, <b>deny</b> has precedence over <b>allow</b> (which |
14 |
|
is default in no trustee is specified). |
15 |
|
</p> |
16 |
|
|
17 |
<h2>Format of trustee file</h2> |
<h2>Format of trustee file</h2> |
18 |
|
|
19 |
<p>Comments are written using hash (#) as first character in line |
<p>Comments are written using hash (#) as first character in line |
77 |
|
|
78 |
Which will work. |
Which will work. |
79 |
|
|
80 |
|
<p>If you want to allow just one user (<i>editor</i>) to have write |
81 |
|
persmissions on file <i>one_editor.txt</i> while all others can read it, you |
82 |
|
could do something like: |
83 |
|
|
84 |
|
<pre> |
85 |
|
/one_editor.txt:*:DW:editor:CRWB |
86 |
|
</pre> |
87 |
|
|
88 |
|
Order of statements is not important. Trustees are always evaluated from |
89 |
|
universal ones (e.g. ones for all users; with *) to specific for this |
90 |
|
user (in this case, for user <i>editor</i>). However, this example |
91 |
|
wouldn't work without <b>C</b> for user <i>editor</i> because <b>deny</b> |
92 |
|
for write would have precidence. |
93 |
|
|
94 |
|
<p> |
95 |
<big>FIX</big> write more examples, better descriptions... |
<big>FIX</big> write more examples, better descriptions... |
96 |
|
</p> |
97 |
|
|
98 |
<a name="anonymous"> |
<a name="anonymous"> |
99 |
<h3>Anonymous access</h3> |
<h3>Anonymous access</h3> |
125 |
<pre> |
<pre> |
126 |
/private:anonymous:DB |
/private:anonymous:DB |
127 |
</pre> |
</pre> |
128 |
|
If you would like to <b>give all your users</b> which are authenticated via |
129 |
|
login and password <b>all access</b> to all files (like in old docman v1.x) you |
130 |
|
also have to add |
131 |
|
<pre> |
132 |
|
/:*:RWB |
133 |
|
</pre> |
134 |
|
However, that <b>will not add all |
135 |
|
permission to anonymous users</b>. If you want to add all that permission |
136 |
|
to anonymous users (which will create wiki-like community for sharing files) |
137 |
|
you must explicitly say that you allow that to anonymous users: |
138 |
|
<pre> |
139 |
|
/:anonymous:RWB |
140 |
|
</pre> |
141 |
|
All those setting will create environment which is very like docman v1.x, |
142 |
|
but with anonymous users allowed to see document in <tt>/pub</tt> and |
143 |
|
upload them in <tt>/incoming</tt>. |
144 |
</p> |
</p> |
145 |
|
|
146 |
<h2>Default security</h2> |
<h2>Default security</h2> |