## Please edit system and help pages ONLY in the moinmaster wiki! For more ## information, please see MoinMaster:MoinPagesEditorGroup. ##master-page:Unknown-Page ##master-date:Unknown-Date #acl MoinPagesEditorGroup:read,write,delete,revert All:read #format wiki #language en `SecurityPolicy` is a config option that allows wiki admins to dynamically enable or disable certain key actions in a MoinMoin wiki, most notably editing and deleting content. See also HelpOnAccessControlLists for an easier way. == Mechanics == Security restrictions in a MoinMoin wiki work by the interface defined in the `MoinMoin.security` module. The `Permissions` class implements the basic interface for user permissions and system policy. If you want to define your own policy, inherit from that base class, so that when new permissions are defined, you get the defaults. Then either assign your new class to `Config.SecurityPolicy` in `wikiconfig.py` (and I mean the class, not an instance of it), or define your class as a member of `class Config` in `wikiconfig.py` and name it `SecurityPolicy`. == Anti-Spam protection == If you enable the "antispam" utility your wiki will fetch the page MoinMaster:BadContent and keep automatically in sync with the original version. Do not edit it, because your edits will be overwritten. Add this at the beginning of your wikiconfig: {{{ from MoinMoin.util.antispam import SecurityPolicy }}} == SSL-only Write == If you want for security reasons that users do not edit the wiki without using SSL you should add: {{{ # add this at the of your config settings: from MoinMoin.security import Permissions # add this later , careful with indentation # make wiki only writeable via SSL class SecurityPolicy(Permissions): def write(self, pagename): return (self.request.is_ssl and Permissions.write(self, pagename) }}} == Samples == For samples on using this mechanism, see MoinMoin:SecurityPolicy. == See also == * HelpOnAutoAdmin when you want to give some users or user groups admin rights on some pages.