TiddlyWiki5 icon indicating copy to clipboard operation
TiddlyWiki5 copied to clipboard
verified publisher icon Jermolene

MWS: Users with read only access can make changes

Open Jermolene opened this issue 1 year ago • 2 comments

Steps to reproduce:

  1. Start with a fresh install of MWS
  2. Run npm install and npm start
  3. Visit http://127.0.0.1:8080/ in a browser
  4. Click the button "Add Admin Account"
  5. Enter suitable details for an admin account and click "Add User"
  6. Choose "Manage Roles" and create a new role called OPERATOR
  7. Choose "Manage Users" and then add the details of a new secondary user account
  8. Edit the newly created user to it to the role OPERATOR
  9. Click the home button
  10. Click the padlock icon next to the wiki "recipe-tau" at the URL http://127.0.0.1:8080/admin/acl/recipe-tau/bag-alpha
  11. Assign READ permission to the role OPERATOR for both the recipe and the bag as shown in the illustration below
  12. In a different browser, visit http://127.0.0.1:8080/ and login as the secondary user
  13. As the secondary user visit the wiki http://127.0.0.1:8080/wiki/recipe-tau
  14. Create a new tiddler and observe that it is saved back to the server (this can be verified by refreshing the page). I would have expected attempts to write to the bag to fail given the permissions specified
image

cc @webplusai

Jermolene avatar Dec 23 '24 14:12 Jermolene

I think the issue is resolved, but we do get a "sync error" now. See screenshot.

I think we need a special handling here and implement a proper "read only" mode for the TW UI

image

pmario avatar Jan 07 '25 16:01 pmario

I'm adding this to an ACL checklist issue.

https://github.com/TiddlyWiki/MultiWikiServer/issues/22

This issue should be closable.

Arlen22 avatar Apr 06 '25 12:04 Arlen22