Actually this doesn’t work.
In order for my users to be able to view and execute pages with scripts on them every time, I have to give them programming rights… which automatically gives them Administrator permissions for the entire wiki.
We have lots of pages which execute code, which needs to run every time, as long as the user has permission to view the page. But these users should not be able to see the ‘back end’ xWiki administration pages, much less alter them.
Additionally, we don’t want to allow them to “delete all entries” or “delete application” either. This is what the rights look like:
So the PPMO group in this example, should be able to open and view pages that have a great deal of velocity code that will execute on them, but should NOT be able to go to the xWiki Administrative section, nor should they be able to create or alter AppWithinMinutes.
If I remove programming rights, they get an error saying that they don’t have the right to view the page or execute the script.
I hope this makes sense.