Access control for friends and wizards

From GeneWeb
Revision as of 14:21, 22 April 2016 by A2 (Talk | contribs) (A2 moved page Password to password: minuscule)

Jump to: navigation, search
150px-Geographylogo svg.png Language: English • français

Access to the content of a base is controlled through several mechanisms:

  • A server level access control limiting access to a list of persons, verified by a password;
  • A base level access control limiting access to a list of persons, verified by a password.

These two mechanisms restrict to a known list the possible visitors to a base. See Access for details.

  • A generic of specific password mechanism giving to some visitors the status of:
    • Wizard: having total read and write access to the base content;
    • Friend: having total read access to the content of the base;
    • Visitors: (default status) having limited access to the content of the base (persons older than some value, as defined by private_years in the configuration file basename.gwf. Default is 150 years).
Visitors have also access to persons tagged as "public", as defined in Update a person.

Generic access

Generic access is directly defined in the configuration file basename.gwf:

friend_passwd=
wizard_passwd=

Two syntaxes are possible for the value of this parameter:

  • username:password: in this case all users share the same username/password pair;
  • password: in this case, username is optionnal and left to the choice of the user.
note that username is displayed on some GeneWeb pages such as the welcome.txt page.

For instance, the grimaldi.gwf configuration file of the GeneWeb test base contains:

friend_passwd=grimaldi:friend
wizard_passwd=grimaldi:wizard

Depending on the template, user authentification is achieved through direct entry of username:password in the appropriate input line, or through clicking on a "friend" or "wizard" button, in which case the browser will pop-up a small window with two entry lines for the username and the password. In this case, the : is simply ignored.

Note that the access control pop-up window of GeneWeb may offer in some context a single capture field rather that two. In this case, one should entre the full {{c|username:password]] sequence (or password if there is no username).

Specific access

Specific access control is achieved by defining files containing username:password pairs (usually with extension .auth). The names of those files are directly defined in the configuration file basename.gwf and should reside in the bases folder. There can be several files for several bases:

friend_passwd_file=
wizard_passwd_file=

The syntax of those files is as follows:

username:password 
username:password:comment
username:password:full name:comment
username:password:first-name /last-name:comment

The full name appears in the wizard page, alphabetically sorted. The / helps define the sorting position in the case of compound names. For instance: louis:xyz:Louis de /Broglie will be sorted at letter B and appear as Broglie (Louis de).

When both specific access and generic access are specified in the configuration file basename.gwf, the specific access mechanism takes precedence.


GeneWeb Manual

Rembrandt Old Man Reading a Book.jpg

Use and manage genealogical databases

Technical annex