This is a static dump of issues in the old "Flyspray" bugtracker for DokuWiki. Bugs and feature requests
are now tracked at the issue tracker at Github.
Closed
Works for me
Works for me
FS#1930 ACL Fails with userewrite in closed Wiki
ACL & Authentication
-
2010-03-31 themaze75
==== The setup =====
Clean setup using "Closed Wiki" (Permission: @All = none)
in local.php:
$conf['userewrite'] = '1'
Activating provided .htaccess file at root of site.
==== The Issue =====
When accessing ACL as admin, you get the mention "for admin only"
Media manager in posts do not allow you to link / upload images
You can still create / edit entries.
==== Some Clues =====
If you log in using "doku.php?do=login" (instead of "/start/?do=login), you will be asked to log in again - after which both the media manager and the ACL control will work.
Doing this, you end up having two session cookies (different names, same values).
Seems like logging in is done a tad differently whether you are using nice urls or not and that ACL + Media manager rely on the "no nice url" method.
If you do not log in using "doku.php?do=login", the ACL and the media manager thinks your are simply not logged in.
==== .htaccess ====
## Enable this to restrict editing to logged in users only
## You should disable Indexes and MultiViews either here or in the
## global config. Symlinks maybe needed for URL rewriting.
#Options -Indexes -MultiViews +FollowSymLinks
## make sure nobody gets the htaccess files
<Files ~ "^[\._]ht">
Order allow,deny
Deny from all
Satisfy All
</Files>
## Uncomment these rules if you want to have nice URLs using
## $conf['userewrite'] = 1 - not needed for rewrite mode 2
RewriteEngine on
#
## Not all installations will require the following line. If you do,
## change "/dokuwiki" to the path to your dokuwiki directory relative
## to your document root.
RewriteBase /test2/
#
## If you enable DokuWikis XML-RPC interface, you should consider to
## restrict access to it over HTTPS only! Uncomment the following two
## rules if your server setup allows HTTPS.
#RewriteCond %{HTTPS} !=on
#RewriteRule ^lib/exe/xmlrpc.php$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]
#
RewriteRule ^_media/(.*) lib/exe/fetch.php?media=$1 [QSA,L]
RewriteRule ^_detail/(.*) lib/exe/detail.php?media=$1 [QSA,L]
RewriteRule ^_export/([^/]+)/(.*) doku.php?do=export_$1&id=$2 [QSA,L]
RewriteRule ^$ doku.php [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) doku.php?id=$1 [QSA,L]
RewriteRule ^index.php$ doku.php
-
2010-06-09 nlights
Same problem here but I can see no relation to the userewrite configuration. I use a farm setup as described on dokuwiki.org and I also can't use the ACL manager because of "CRSF Attack". I can only see the ACLs of the page I visited before going to the ACL manager. -
2010-06-09 nlights
I forgot: I use the current devel version. -
2010-06-09 themaze75
If its telling you it fails because of "CRSF Attack", then its most likely not the same problem :) -
2010-06-26 foosel
Could not reproduce this, neither with the superuser nor with a simple user account on a closed wiki. -
2010-09-21 mad-monkey
Hey,
i have the same Problem. When i logged in as admin and try to set any access-control sometimes this problem occours. I have the rewrite set to .htaccess.
