As part of forming the High Dimensional Data Analysis Core, we set up the HDDAC web on the twiki. We want the data to be secure, only accessable by faculty and staff that are involved. However, we also want to setup individual pages (topics) for each project and have it viewable by the investigator and a public section with information about the group. So far, the HddacGroup restricts access to the entire web. Using

* Set ALLOWTOPICVIEW = Main.SomeOneNotInTheHddacGroup

on a single topic in the HDDAC web does not give access to that user.

Something to consider is that I'm using a form and a template to create new pages and listing them with %SEARCH{}%.

The obvious solution to this problem is not restricting access to the web and specifically protecting individual pages. However, this introduces a much higher possibility of user error leading to unprotected data. -- WillGray - 13 May 2005


My first idea is to use a wiki with different access control. MoinMoin does something a little different with an acl_before, acl_default, and acl_after configuration. The before always takes effect, you can override default on individual pages, and after is the fallback. This paradigm would definitely work, but I don't know that I trust the Moin authentication, it would require some extra installation and maintainance, and the difference in markup could be confusing. -- WillGray - 13 May 2005

How about putting the public pages in the Main web (with pointers to the secure pages that are in the HDDAC web)? You can use settings like ALLOWTOPICVIEW and ALLOWTOPICCHANGE to refine access to pages in the Main web. -- DalePlummer - 13 May 2005

I would create a template page for the web. The template would only include the ALLOWTOPICVIEW variable. That way, one would have to remove the variable to make the page public access and by default all pages would not be public. -- ColeBeck - 13 May 2005
