PITS / 00870
Summary: notification mechanism should take page permissions into account
Created: 2007-01-22 04:15
Status: Open
Category: Feature
From: ThomasP
Assigned:
Priority: 4
Version: 2
OS:
Description: When recently setting up a wiki page dedicated to some work with a colleague, I noticed that a notify=myColleaguesAddress@somewhere.com would notify him of every page change on the site, including the ones that are not readable to him. This is not necessary, and may even be a security/privacy issue.

Indeed it would be possible at the moment to just include the ... page=Misc.OurSharedPage1,Misc.SharedPage2 in the notify command for every page that is readable by him; however, this is not practical, as one then has to maintain permission and notification settings in duplicate where one place would suffice.

Finally, considering that one would sooner or later seek a decentralized (and user-controlled) notification management file (see PITS.00772), it is better to do it right (i.e. do a check) on the code level. Thus I would propose adding the readability check to the notify.php code. At the moment this is still difficult since
While the second part is probably easily done (using authuser.php; for userauth.php some additions are necessary), the first part would require some profile of the user with an appropriate option in it. (Don't know whether the Profile pages belonging to a user are capable of this. Note that it should be secure in the end - no address spoofing etc.!!) This PITS issue is therefore meant more to document the issue.

See also

Other notification related PITS issues are
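The readability check proposed in the description, sketched as an added example that is not part of the original issue report and is not PmWiki's notify.php code. It is a simplified Python model: READ_ACL, ADDRESS_OWNER, NOTIFY_LINES and all function names are constructed for illustration, and the notify line syntax follows the form quoted in the description.

```python
# Simplified model of a permission-aware notification filter.
# All data below is constructed sample data, not taken from a real wiki.

# Read-restricted pages -> accounts allowed to read them.
# Pages not listed here are treated as publicly readable.
READ_ACL = {
    "Misc.OurSharedPage1": {"thomas", "colleague"},
    "Admin.Secrets": {"thomas"},
}

# Address -> account, assumed to come from a verified user profile so that
# an address typed into the notify list cannot claim someone else's rights.
ADDRESS_OWNER = {
    "thomas@example.org": "thomas",
    "colleague@example.org": "colleague",
}

NOTIFY_LINES = [
    "notify=thomas@example.org",
    "notify=colleague@example.org",
    "notify=stranger@example.org",  # no verified account behind it
    "notify=colleague@example.org page=Misc.OurSharedPage1,Misc.SharedPage2",
]

def parse_notify(line):
    """Return (address, set of pages or None when the line has no page= filter)."""
    fields = dict(part.split("=", 1) for part in line.split())
    pages = fields.get("page")
    return fields["notify"], set(pages.split(",")) if pages else None

def can_read(address, page):
    """Fail closed: an unmapped address never gets a restricted page."""
    readers = READ_ACL.get(page)
    if readers is None:
        return True
    user = ADDRESS_OWNER.get(address)
    return user is not None and user in readers

def recipients(page, notify_lines=NOTIFY_LINES):
    """Addresses to notify about a change to `page`, after the read check."""
    out = set()
    for line in notify_lines:
        address, page_filter = parse_notify(line)
        if page_filter is not None and page not in page_filter:
            continue  # subscription does not cover this page
        if can_read(address, page):
            out.add(address)
    return sorted(out)
```

With this check in place, a site-wide notify= entry no longer needs a hand-maintained page= list to keep restricted changes away from readers who lack access.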