[development] Requiring node revisions
Earnie Boyd
earnie at users.sourceforge.net
Thu Jun 7 12:44:33 UTC 2007
Quoting Karthik <narakasura at gmail.com>:
>
> One of many scenarios where this will prove to be a hindrance:
>
> 1. I create a page using the PHP filter containing sensitive information.
> 2. I forget to select the PHP input format.
> 3. I notice this and edit the page again and select the correct format.
> 4. I think all is well.
>
> Anybody who can view revisions will be able to see my sensitive information.
>
* Create a content type ``sensitive data''.
* Create a role ``sensitive user''.
** Set the Create and Edit ``sensitive data'' for this role.
* Assign a user the ``sensitive user'' role.
Now only the ``sensitive user'' user can see the page to see the
revision. Did I miss something?
Earnie
More information about the development
mailing list