Security Policy Configuration
Contents
SecurityPolicy is a config option that allows wiki admins to dynamically enable or disable certain key actions in a MoinMoin wiki, most notably editing and deleting content. See also HelpOnAccessControlLists for an easier way.
Mechanics
Security restrictions in a MoinMoin wiki work by the interface defined in the MoinMoin.security module. The Permissions class implements the basic interface for user permissions and system policy. If you want to define your own policy, inherit from that base class, so that when new permissions are defined, you get the defaults.
Then either assign your new class to Config.SecurityPolicy in wikiconfig.py (and I mean the class, not an instance of it), or define your class as a member of class Config in wikiconfig.py and name it SecurityPolicy.
Anti-Spam protection
If you enable the "antispam" utility your wiki will fetch the page BadContent from BadContent and keep it automatically in sync. Do not edit it, because your edits will be overwritten.
# add this within Config class, be careful with indentation:
from MoinMoin.security.antispam import SecurityPolicy
SSL-only Write
If you want for security reasons that users do not edit the wiki without using SSL you should add:
# add this within Config class, be careful with indentation:
from MoinMoin.security import Permissions
class SecurityPolicy(Permissions):
def write(self, pagename):
# make wiki only writeable via SSL
return (self.request.is_secure
and Permissions.write(self, pagename)
Samples
For samples on using this mechanism, see SecurityPolicy.
See also
HelpOnAutoAdmin when you want to give some users or user groups admin rights on some pages.