In wikiconfig.py I have
acl_rights_before = u"Adminuser:read,write,delete,revert,admin +ReaderGroup:read +EditorGroup:read,write,delete,revert"
acl_rights_default = u"All:"
But I have some pages, that I want to make unreadable to anyone expect EditorGroup. I was trying to make that with on page acl line :
#acl EditorGroup:read,write,revert,delete ReaderGroup:
but users, who are members of ReaderGroup still can access that page.... Can anyone tell me, where I am doing a mistake? Thanks.
The rights defined in acl_rights_before cannot be overwritten, thus whoever has rights defined in acl_rights_before will have it regardless of what is defined later.
If you want to be able to overwrite the rights for some group or user in the #acl-directive of the page, the right has to be defined in acl_rights_default.
Moving the rights to acl_rights_default in wikiconfig.py
acl_rights_default = u"Adminuser:read,write,delete,revert,admin ReaderGroup:read EditorGroup:read,write,delete,revert All:"
and on the page remove all rights for the ReaderGroup and keep the rest "Default":
#acl ReaderGroup: Default
if you have other groups it seems easier to me to just define the rights for the EditorGroup explicitly on the page (all others, except acl_rights_before will be overwritten)
#acl EditorGroup:read,write,delete,revert
