-----Original Message----- From: development-bounces@drupal.org [mailto:development- bounces@drupal.org] On Behalf Of Earnie Boyd Sent: Thursday, June 07, 2007 5:45 AM To: development@drupal.org Subject: Re: [development] Requiring node revisions
Quoting Karthik <narakasura@gmail.com>:
One of many scenarios where this will prove to be a hindrance:
1. I create a page using the PHP filter containing sensitive
information.
2. I forget to select the PHP input format. 3. I notice this and edit the page again and select the correct format. 4. I think all is well.
Anybody who can view revisions will be able to see my sensitive information.
* Create a content type ``sensitive data''. * Create a role ``sensitive user''. ** Set the Create and Edit ``sensitive data'' for this role. * Assign a user the ``sensitive user'' role.
Now only the ``sensitive user'' user can see the page to see the revision. Did I miss something?
Earnie
6 years of released Drupal installations that have existing content not in this new role.