+ Reply to Thread
Results 1 to 10 of 10

Thread: Prevent anonymous access to the Tools menu

  1. 10-26-2007 09:09 AM #1
    tstan
    tstan is offline Newcomer tstan is on a distinguished road
    Join Date
    Oct 2007
    Posts
    3

    Default Prevent anonymous access to the Tools menu

    Hello,

    I have created a LoginOnly role (with just the "login" permission) and applied it to the anonymous account which works well to prevent anonymous users from browsing the site.

    However, anonymous users are still able to pull down the Tools menu and access the full list of users on our Deki Wiki site.

    Is there a way to prevent anonymous access to the list of users?

    Thanks,
    Todd
    Reply With Quote Reply With Quote
  2. 10-28-2007 06:08 PM #2
    SteveB's Avatar
    SteveB
    SteveB is online now MindTouch Team SteveB has a reputation beyond repute SteveB has a reputation beyond repute SteveB has a reputation beyond repute
    Join Date
    Jul 2006
    Location
    San Diego, CA
    Posts
    5,450

    Default

    That's a bug. I filed a report on it:
    http://bugs.opengarden.org/view.php?id=2845

    Thanks for pointing that out! And welcome to the forums!
    Steve G. Bjorg - Chief Architect
    Did you check the MindTouch FAQ?
    Found a bug? Report it.
    Follow me on Twitter
    Find us on IRC: irc.freenode.net #mindtouch
    Reply With Quote Reply With Quote
  3. 11-15-2007 10:16 PM #3
    redfive
    redfive is offline Newcomer redfive is on a distinguished road
    Join Date
    Oct 2007
    Posts
    21

    Default

    Any update to this issue? Our Wiki launch is being held up because we can't have anonymous users accessing User lists. If possible, please let me know what I can do to override this, even if it's just a stop-gap measure. Also, 'Templates' should not be accessible by Anon. users.

    Thank you,
    Josh
    Reply With Quote Reply With Quote
  4. 11-16-2007 01:25 PM #4
    jmfreier
    jmfreier is offline Newcomer jmfreier is on a distinguished road
    Join Date
    Nov 2007
    Posts
    17

    Default

    it looks like from the bug report it will be addressed in 1.8.3 (Hayes++). It would be great if we could get a stop-gap measure though. Perhaps even prevent them from seeing popular pages as that shows document structure as well if any of the popular pages are child pages.
    Reply With Quote Reply With Quote
  5. 12-17-2007 10:03 PM #5
    redfive
    redfive is offline Newcomer redfive is on a distinguished road
    Join Date
    Oct 2007
    Posts
    21

    Default addressed in 1.8.3?

    Is this in fact addressed in 1.8.3? (ie. in the new 'beta', is login required to see user list?)

    thank you
    Reply With Quote Reply With Quote
  6. 12-17-2007 10:21 PM #6
    royk's Avatar
    royk
    royk is offline MindTouch Team royk has a reputation beyond repute royk has a reputation beyond repute
    Join Date
    Feb 2007
    Posts
    1,871

    Default

    Is this in fact addressed in 1.8.3? (ie. in the new 'beta', is login required to see user list?)

    thank you
    yes, this has been fixed
    Found a bug? Report it.
    Reply With Quote Reply With Quote
  7. 12-17-2007 10:26 PM #7
    redfive
    redfive is offline Newcomer redfive is on a distinguished road
    Join Date
    Oct 2007
    Posts
    21

    Default

    Sweet. Roy, all your hard work is really appreciated.
    Reply With Quote Reply With Quote
  8. 12-17-2007 10:26 PM #8
    PeteE's Avatar
    PeteE
    PeteE is offline MindTouch Team PeteE has disabled reputation
    Send a message via Skype™ to PeteE
    Join Date
    Jul 2006
    Posts
    722

    Default

    Quote Originally Posted by redfive View Post
    Is this in fact addressed in 1.8.3? (ie. in the new 'beta', is login required to see user list?)

    thank you
    redfive - Yes, login is required now if you uncheck the BROWSE flag. Here are a couple of screenshots:
    Attached Thumbnails Attached Thumbnails Click image for larger version Name: Picture 11.jpg‎ Views: 50 Size: 16.6 KB ID: 212   Click image for larger version Name: Picture 12.jpg‎ Views: 42 Size: 19.7 KB ID: 213  
    PeteE - MindTouch lackey
    Join #mindtouch on freenode for questions about MindTouch
    Reply With Quote Reply With Quote
  9. 01-28-2008 07:19 PM #9
    redfive77
    redfive77 is offline Newcomer redfive77 is on a distinguished road
    Join Date
    Jan 2008
    Posts
    3

    Question

    Hi Pete et al,

    We just upgraded to 1.8.3b and this doesn't seem to be working. I'm following your directions and editing the Role settings in the Control Panel, but it appears that I can only do this site-wide, and not just for the Users page.

    What we need is for unlogged-in users to have access to view the Wiki, but not the Users list (in the Tools drop down). How can we make this happen?
    Reply With Quote Reply With Quote
  10. 01-28-2008 09:51 PM #10
    royk's Avatar
    royk
    royk is offline MindTouch Team royk has a reputation beyond repute royk has a reputation beyond repute
    Join Date
    Feb 2007
    Posts
    1,871

    Default

    You'll need to manually modify the PHP to do this - that's not configurable yet.
    Found a bug? Report it.
    Reply With Quote Reply With Quote
+ Reply to Thread
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules