welcome: please sign in

The following 204 words could not be found in the dictionary of 7 words (including 7 LocalSpellingWords) and are highlighted below:
able   above   Access   access   action   activated   add   Add   admin   Admin   Administration   administration   all   All   allowed   allowing   already   Also   also   Alternatively   an   and   another   are   as   at   Auto   auto   autoadmin   automatically   be   been   being   below   but   by   can   change   changes   Check   communication   Configuration   configuration   configured   Control   create   Create   created   creating   default   define   definition   directly   distribution   do   easiest   easily   empty   enable   Enabling   ensure   etc   even   everyone   expanded   feature   fed   file   For   for   form   from   get   give   giving   good   group   Group   groups   have   Having   Help   home   homepage   Homepage   homepages   idea   if   implicitly   import   important   in   included   indent   indirectly   information   into   is   it   It   Just   least   like   limited   line   lines   Lists   Ls   made   maintain   manual   manually   maybe   means   My   name   Name   needed   new   Now   of   On   on   one   only   open   or   other   own   page   Page   Pages   pages   people   personal   policy   Policy   pre   prepared   private   Private   Project   project   protected   put   read   Read   readable   rights   same   saving   security   Security   see   See   settings   should   so   some   source   specific   subpages   Template   template   templates   That   that   The   the   their   them   there   they   They   this   This   those   thus   to   treated   two   usage   Use   use   used   useful   user   users   using   usually   want   way   when   wiki   will   with   would   Write   write   writeable   You   you   your   Your  

Clear message
Page Locked


The security policy autoadmin included in MoinMoin distribution (but NOT activated by default, see below) is useful when you want to automatically and implicitly give some users or user groups admin rights on some pages.

Having admin rights means being able to create or change ACLs, see HelpOnAccessControlLists.

1. AutoAdmin usage

1.1. For a personal homepage

Check if there is a HomepageTemplate with prepared ACL lines or some other already-configured configuration settings.

It is important to ensure your homepage is easily readable and writeable so it can be used as an open form of communication by everyone.

The easiest way to create personal (or private) subpages for your homepage is to use the MyPages action.

Alternatively you can also do it manually, using the ReadWritePageTemplate, ReadPageTemplate or PrivatePageTemplate. They usually have some prepared ACL line on them, e.g.:

#acl @ ME@/ReadWriteGroup:read,write @ ME@/ReadGroup:read

That @ME@ in the template will be expanded to your name when saving, so those 2 subpages (YourName/ReadWriteGroup and YourName/ReadGroup) of your homepage will be used for allowing read/write or read-only access.

Now you only have to maintain those two subpages of your homepage (maybe they even have been auto-created for you) and put the people on them for allowing them access.

1.2. For a project page

See if there is some <ProjectName>Template with a prepared ACL line for your project pages and use it for creating new subpages.

Use <ProjectName>/ReadWriteGroup and <ProjectName>/ReadGroup etc. as you would do for a homepage (see above).

2. AutoAdmin configuration and administration

2.1. Configuration

Add this to your wiki's configuration file:

    # indent the line below like your other settings:
    from MoinMoin.security.autoadmin import SecurityPolicy

Create an AutoAdminGroup page. It is usually a good idea to create an empty page for this.

That page (and also other group pages used with autoadmin, see below) should be ACL protected with write access limited to allowed people. They are used as source for some ACL information and thus should be treated like the ACLs they get fed into.

2.2. Administration

2.2.1. Enabling a home page for AutoAdmin

Just add the user name (same as home page name) to the AutoAdminGroup page. Alternatively, if you want to enable this feature for all users of some specific group, add the group page name to AutoAdminGroup.

All users directly or indirectly on AutoAdminGroup will get admin rights on their own homepage or subpages of it.

This is needed for the MyPages action, but can also get used for manual ACL changes.

You also can define some page templates with pre-made ACLs for them to use for new homepages or subpages of it.

2.2.2. Enabling another (project) page for AutoAdmin

  1. Add <PageName>/AdminGroup to AutoAdminGroup.

  2. Also create that <PageName>/AdminGroup group definition page and add at least one user or one group to that page, giving them admin rights on <PageName> or subpages of it.