28/10/2008
Role Based Access Control
WE::U::P File
Examples / 2
lThe members of the group "news" are
allowed to do the following
operations in all objects below "/News/":"edit", "change-folder",
"new-doc", "rm-doc", "release" and "publish".A regular expression
match is used here (there is no "! match" directive).
l
l! match: regexp
l
group news
l
page /News/.*
l process
edit change-folder new-doc rm-doc release publish
lAt end of
file this rule denies anything not already permitted,similarly to Apache "DENY from
all" directive or
/etc/hosts.deny "ALL: ALL"
l! match: glob
l group
*
l process !*