# acl.default.php
# <?php exit()?>
# Please don't modify the lines above
#
# A sample Access Control Lists file for Moniwiki
#
# $Id: WikiACL,v 1.2 2006/07/09 14:23:23 wkpark Exp wkpark $
@Guest  Anonymous
*       @ALL            deny    *
*       @ALL            allow   ticket
*       @User           allow   *
# some pages are allowed to edit
WikiSandBox     @Guest  allow   edit,info,diff
#*      Anonymous       deny    *
# some POST actions support protected mode using admin password
*       @ALL            protect deletefile,deletepage,rename,rcspurge,rcs,chmod,backup,restore
# some actions allowed to @ALL
*       @ALL            allow   read,userform,rss_rc,aclinfo,fortune,deletepage,fixmoin,ticket
# some pages have restrict permission
MoniWiki        @ALL    deny    edit,uploadfile,diff

• @ALL: all users (priority: 1)
  
• @User: registered users (priority: 2)
  

##@groupname userlist [priority]
@Guest  Anonymous                   # default group priority is 2
@Kiwirian foobar,kiwi,hello123   20 # @Kiwirain group

• allow
  
• deny
  
• protect: protect some password protected POST actions (not all actions are protectable)
  

Last ACL entry is used.

• allow * + deny * = deny *
  
• deny * + allow * = allow *
  
• deny * + allow edit,info = only edit,info available
  
• allow * + deny info,diff =
  

@Group1    peter,john      20    # priority = 20
@Group2    simon,soo             # default group priorty = 2
* @ALL     allow *               # group priority = 1
* @ALL     deny  backup,restore
* @Guest   deny  *               # group priority = 2
* @Group1  deny  *               # User defined @Group1 group
* @Group1  allow read,info,diff
* @Group2  deny  info,diff

• peter and john: allow read,info,diff + deny *
  
• Anonymous (@Guest): deny *
  
• all other registered users: Order Deny,Allow - deny backup,resotre + allow *
  
• @Group1 : Order Allow,Deny - allow read,info,diff + deny *
  
• @Group2 : deny info,diff + @ALL deny backup,restore + allow *
  
  • /!\ merge all ACL entries with same group priority.