That needs to go into the API Examples
For now I add it here
If you have a parser for data on a page and you don't want that a user who is allowed to read the rendered result but not the raw etc. text you can disable reading for other actions than show by the following example. This example verifies that a user also who has write rights has edit and all other priviledges too. For all other parsers it sets normal read behaviour.
1 from MoinMoin.Page import Page
2 from MoinMoin.security import Permissions
3
4 class Config(LocalConfig):
5 class SecurityPolicy(Permissions):
6 def read(self, page_name):
7 request = self.request
8 page = Page(request, page_name)
9 format = page.pi['format']
10 if format == "bbb_create":
11 if request.user.valid and request.action == u"show" or request.user.may.write(page_name):
12 return True
13 return False
14 return Permissions.__getattr__(self, 'read')(page_name)