=begin options

write = root

=end

=head1 PodWiki Authentication System

PodWiki supports basic authentication using cookies,
which are expiring after one day.

Each page can be protected separately for either reading
and/or writing. Permissions can be granted to one or more groups
of users or to one single user.

Each user can be a member of one or more groups.

The administrator can configure users and groups from the
B<SiteAdmin> page which appears if you are logged in as B<root>.

Users can also register themselfes from the login page.

Passwords are stored in encrypted form. So, if a user forgets
his password, you (root) have to change/reset it.

The user can also change his own password if he knows the
current password.

=head2 WRITE access

You can protect a page for writing which makes it possible to
have read-only pages. In this case just add an B<options> block
of the following form to the page to be protected:

 =begin options
 
 write = sales, orderadmin
 
 =end

In this example members of the groups 'sales' and 'orderadmin'
are able to modify the page in question.

You can also write protect a page for a single user:

 =begin options
 
 write = user:max
 
 =end

This allows the user 'max' to write the page only.


=head2 READ access

You can also restrict read access to a page, which makes it
possible to have "private" pages which are not visible to the
public.

You can configure this using this example:

 =begin options
 
 read = noc, support
 
 =end

In this case the protected page is only visible by 'noc' and
'support' members.

You can also read protect a page for a single user:

 =begin options
 
 read = user:max
 
 =end

This allows the user 'max' to read the page only.


=head2 READ-ONLY STATE

PodWiki can be configured to run in a read-only mode. Thus it only
displays the content, it does not provide links to edit pages, no
upload boxes and stuff. You can do this by setting the B<read_only>
variable in the config to I<yes>.

In addition you can define a number of users who have the right
to override this setting by configuring 'read_only_override_users',
you can add there one or more users separated by comma. If a user
listed there logs in, he will get the usual controls to maintain
the site, such as the edit bar, or upload links and stuff. Any
other user will not get this.


=cut

