This feature has a very limited usage outside the Reader Management, because there is not (or at least I don't know of) a corresponding value for the view.php3.
(~FRE: Add slice reading password parameter to view.php3)
Difference between revisions of "Permission system - Users, Groups, Roles"
From ActionApps Documentation
(→Protecting slice data against an unathorized read access) |
(→Protecting slice data against an unathorized read access) |
||
| Line 1: | Line 1: | ||
== Protecting slice data against an unathorized read access == | == Protecting slice data against an unathorized read access == | ||
| − | <div class="aafaq" id="faq1667">< | + | <div class="aafaq" id="faq1667"><aafck id=1667> FAQ: id=1667 Protecting sensitive data against reading rel:1702</aafck> |
It has to be said that ActionApps is primarily focused on making the content easy to publishing, share, exchange and distribute. As such, there has been a very low presure on introducing functionalities for protecting the data against unathorized access. | It has to be said that ActionApps is primarily focused on making the content easy to publishing, share, exchange and distribute. As such, there has been a very low presure on introducing functionalities for protecting the data against unathorized access. | ||
Revision as of 21:12, 2 September 2005
Protecting slice data against an unathorized read access
Origin: FAQ: id=1667 Protecting sensitive data against reading rel:1702
Note on the implementation: the password is checked in the
It has to be said that ActionApps is primarily focused on making the content easy to publishing, share, exchange and distribute. As such, there has been a very low presure on introducing functionalities for protecting the data against unathorized access.
Probably the only exception to this is the special type odf slice called Reader Management slice, which stores user's password and other personal data (which can be the case with any slice). In this case it is important that some data are not accessible for reading. This is achieved by setting a reading password for slices containing sensitive data. If you fill the field "Reading Password" in Slice Settings, you must always sent this password as a parameter slice_pwd. This may be done by adding this parameter to SSI includes like
<!--#include virtual="/aa/slice.php3?slice_pwd=the_password&slice_id=xy...."-->
If somebody tries to fetch read-protected data without the correct password, all fields are filled with an error message.
--Marek 25 August 2005 19:35 (CEST)
GetItemContent() function. For AA control panel pages (Item Manager and Item Edit), the function FetchSliceReadingPassword() is used.