• Publicity: Public Only All

openacs-procs.tcl

Defining policies for OpenACS

Location:
packages/xowiki/tcl/openacs-procs.tcl
Created:
2014-10-31
Author:
Victor Guerra

Procedures in this file

Detailed information

[ hide source ] | [ make this the default ]

Content File Source

::xo::library doc {
    Defining policies for OpenACS

    @creation-date 2014-10-31
    @author Victor Guerra <vguerra@wu.ac.at>
}

::xo::library require package-procs

namespace eval ::xowiki {
  Policy openacspolicy -contains {

    Class Package -array set require_permission {
      reindex             {{id admin}}
      rss                 none
      refresh-login       none
      google-sitemap      none
      google-sitemapindex none
      change-page-order   {{id admin}}
      manage-categories   {{id admin}}
      edit-category-tree  {{id admin}}
      delete              swa
      edit-new            {
        {{has_class ::xowiki::Object} swa}
        {{has_class ::xowiki::FormPage} nobody}
        {{has_name {[.](js|css)$}} swa}
        {id create}
      }
    }
    
    Class Page -array set require_permission {
      view               {{item_id read}}
      revisions          {{item_id write}}
      diff               {{item_id write}}
      edit               {{item_id write}}
      save-attributes    {{item_id write}}
      make-live-revision {{item_id write}}
      delete-revision    swa
      delete             swa
      save-tags          login
      popular-tags       login
      create             registered_user
      create-new         registered_user
      create-or-use      registered_user
      show-object        swa
    }
    
    Class Object -array set require_permission {
      edit               swa
    }
    Class File -array set require_permission {
      download           {{package_id read}}
    }
    Class FormPage -array set require_permission {
      view               registered_user
      edit               {
        {{in_state initial|suspended|working} creator} admin
      }
      list               admin
      create             registered_user
      create-new         registered_user
      create-or-use      registered_user
    }
    Class Form -array set require_permission {
      view              admin
      edit              admin
      list              admin
    }
  }
}