I’m on XWiki 12.10.9.
Today I noticed that I do not yet understand the permissions system properly.
All users of a specific “XwikiAllGroup” have “normal” access to the whole Wiki.
I created some toplevel pages in my , where I only checked my own user account in the permissions config:
This page is then only visible to me and administrators, not to “regular” other users.
However, today another user tried the same, and her pages are still visible for any logged in user… (Alsofor example for the “test” user.)
The only differences I can imagine is that her page is no top-level page, and her account does not possess admin permissions.
Do sub pages inherit read permissions from their parents which top-level pages do not?
Would we need to check all other users (or probably better, the “XwikiAllGroup”) with “forbidden” symbols for all permissions in order to reliably deny access / make the page invisible?
Is there a way to view a page’s “effective” permissions for a page for myself and other users, so I can easily check that whatever restrictions I intended are actually in place?