I have an XWiki instance that uses groups as users for sub-pages under the home page.
The home page is read only and can be seen by everyone, but each group has their own sub-pages under the home page.
To achieve this, I allow Edit
permission for all of the groups on the home page, but deny Edit
for XWikiAllGroup
(we use xwiki.authentication.group.allgroupimplicit=1
in xwiki.cfg
- there are no unauthenticated users). Like this:
I recently added a new group, added a user to it, and granted the edit right to the home page to the new group like in the above screen shot, but the new user could not view the home page.
The Admin Tools extension provided the clue as to why the new user could not see the home page: The Rights on space Main
did not have the Deny
permission ordered last in the list, like this:
To fix this, I edited the right for the home page, removed the Deny
from XWikiAllGroup
, then added it back again. After this, it worked as I was expecting - the Deny
permission was last again.
I was wondering if this behavior is by design? It sure caused me confusion for a while.
Thanks!
Bill