Short description
Since we can use the action copy page we can handle template pages differently.
If a template page has acls and the user has no admin rights he is not able to store the newly created page with that acl line.
That can be done different. The template page can be copied to the new page and then loaded into the editor. Of course we have to check if it makes sense for the current user to use the choosen template (read, write rights).
And we need to check if the user has aborted the edit and the page is still copy of the template page. -- ReimarBauer 2008-06-09 07:42:08
I think the proposed implementation is completely wrong. The template should be loaded into the page editor as normal, but the ACL stored in the session. When the user saves, the ACLs are compared against the copied version in the session and if they match, the edit is allowed. That also avoids problems with somebody changing the template in the middle of the other edit. -- JohannesBerg 2008-06-20 20:35:35
my consent. Probably we should extend this to every page edit. -- ReimarBauer 2008-06-21 07:36:21
Not entirely sure. If somebody edits the page inbetween and removes your permissions to change it, you shouldn't be able to change it even if you have it already open, which could happen. I think templates are a corner case though. Maybe we need a clear definition of what should be allowed and what shouldn't? See below. -- JohannesBerg 2008-06-21 08:01:43
Ok another thing: It seems odd to me to even want copying ACLs from a template, does this need to be configurable?
- use case: on wireless.kernel.org I mark templates read-only so people don't muck with them, but the page they create from them should obviously be writable.
This use case would indeed conflict with the table below. -- AlexanderSchremmer
Yes, the table below is modeled after the other use case. -- JohannesBerg
- use case: (what is the use case for copying ACLs with the template?)
- a homepage template which grants the user admin rights for his homepage or a template page if hierarchical acls enabled to create pages with some default rights or M!yPages action
Also think about that in terms of the storage abstraction: which metadata from a revision is copied when a page is used as a template? Only that metadata that was traditionally embedded in the page? The Page/PageEditor code from the storage branch embeds _all_ metadata in the raw page text (for editing/action=raw), but I think it probably shouldn't do that forever.
Operation |
Default Rights |
Rights from template |
Operation permitted |
create new page (without ACL) |
write, admin |
N/A |
|
create new page (without ACL) |
admin |
N/A |
|
create new page (without ACL) |
(neither write nor admin) |
N/A |
|
create new page (with ACL) |
write, admin |
N/A |
|
create new page (with ACL) |
write |
N/A |
|
create new page (with ACL) |
(neither write nor admin) |
N/A |
|
change ACLs |
admin |
N/A |
|
change ACLs |
(not admin) |
N/A |
|
create new page from template (ACL copied from template) |
write, admin |
(includes write) |
|
create new page from template (ACL copied from template) |
write |
(includes write) |
|
create new page from template (ACL copied from template) |
(neither write nor admin) |
* |
|
create new page from template (ACL copied from template & changed) |
write, admin |
(includes write) |
|
create new page from template (ACL copied from template & changed) |
write |
(includes write) |
|
create new page from template (ACL copied from template & changed) |
(neither write nor admin) |
* |
|
create new page from template (ACL not copied) (use case 1 above) |
* |
N/A |
see create new page (without ACL) |
