Ticket #139 (reopened enhancement)
Modify ACL to allow child pages to use parent's ACL
|Reported by:||gklaus@…||Owned by:||BrianKoontz|
Description (last modified by BrianKoontz) (diff)
Setup the ACL system to allow child pages to either check parent's ACL or, when creating a new page, to copy the parent's ACL to itself, thereby enforcing a protected environment.
Currently, you must implicitly set the ACL on each new page. We have some documents on an intranet site that should only be accesible by administrators. If a user creates a new page and forgets to set the ACL, any valid user can read that page, thereby by-passing our security.
This ticket is also referenced by #217
This ticket actually refers to a couple of different, but related, concepts:
1. The cloning of ACLs from a source page (addressed in #217).
2. Using the ACL settings of an existing page for the ACLs of a different page.
3. ACL "template" pages that could be used to specify the ACLs for another page.