== Example ==
{{{
# acl.default.php
# <?php exit()?>
# Please don't modify the lines above
#
# A sample Access Control Lists file for Moniwiki
#
# $Id: WikiACL,v 1.2 2006/07/09 14:23:23 wkpark Exp wkpark $
@Guest  Anonymous
*       @ALL            deny    *
*       @ALL            allow   ticket
*       @User           allow   *
# some pages are allowed to edit
WikiSandBox     @Guest  allow   edit,info,diff
#*      Anonymous       deny    *
# some POST actions support protected mode using admin password
*       @ALL            protect deletefile,deletepage,rename,rcspurge,rcs,chmod,backup,restore
# some actions allowed to @ALL
*       @ALL            allow   read,userform,rss_rc,aclinfo,fortune,deletepage,fixmoin,ticket
# some pages have restrict permission
MoniWiki        @ALL    deny    edit,uploadfile,diff
}}}
== Predefined @group ==
 * @ALL: all users (priority: 1)
 * @User: registered users (priority: 2)
== User define @Group and @Group priority ==
{{{
##@groupname userlist [priority]
@Guest  Anonymous                   # default group priority is 2
@Kiwirian foobar,kiwi,hello123   20 # @Kiwirain group
}}}
== ACL entry type ==
 * `allow`
 * `deny`
 * `protect`: protect some password protected POST actions (not all actions are protectable)
== ACL matching procedure ==
=== with same priority ===
Last ACL entry is used.
 * {{{allow *}}} + {{{deny *}}} = {{{deny *}}}
 * {{{deny *}}} + {{{allow *}}} = {{{allow *}}}
 * {{{deny *}}} + {{{allow edit,info}}} = only edit,info available
 * {{{allow *}}} + {{{deny info,diff}}} = 
=== with different priority ===
{{{
@Group1    peter,john      20    # priority = 20
@Group2    simon,soo             # default group priorty = 2
* @ALL     allow *               # group priority = 1
* @ALL     deny  backup,restore
* @Guest   deny  *               # group priority = 2
* @Group1  deny  *               # User defined @Group1 group
* @Group1  allow read,info,diff
* @Group2  deny  info,diff
}}}
 * peter and john: {{{allow read,info,diff}}} + {{{deny *}}}
 * Anonymous (@Guest): {{{deny *}}}
 * all other registered users: '''Order Deny,Allow''' - {{{deny backup,resotre}}} + {{{allow *}}}
 * @Group1 : '''Order Allow,Deny''' - {{{allow read,info,diff}}} + {{{deny *}}}
 * @Group2 : {{{deny info,diff}}} + {{{@ALL deny backup,restore}}} + {{{allow *}}}
  * /!\ merge all ACL entries with same group priority.