[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-users] addressbook ACLs
From: |
SI Reasoning |
Subject: |
[Phpgroupware-users] addressbook ACLs |
Date: |
Wed, 26 Feb 2003 02:25:55 +0000 |
I have run into some issues regarding the addressbook ACL's. I know that I can
have the
ACLs for a group so that I can allow read, add, delete etc to other users in
that group. The
problem is when I have multiple groups and I want to restrict parts of an
addressbook to
one group only.
Example:
There are 2 groups: Group A and Group B
There are 3 people in Group A: Person One, Person Two and Person Three
There are 2 People in Group B: Person Eins and Person Zwei
Group A addressbook has ACL's: read add delete for Group A
Group B addressbook has ACL's: read for Group B
Unfortunately, when I add an address in the addressbook, it only gives me the
option of
choosing categories for it, not which group to limit it to. This would not be
so bad if I could
limit categories to a group as well. So now, that I have added an address that
I want limited
to group A, it is also readable by Group B.
Is there a way to restrict these ACL's properly or is this a limitation in the
current design?
One other thing: Whenever I make an ACL change, none of the previously
installed users
seem to be affected by it. For instance, I have users one, two and three
already in
existence in Group A. If I remove read add and delete privileges for Group A.
Then Create
Group C and put users one and two in them. They lose the entire previous
history of
addresses or calender items, etc, even if I setup group C with read add delete
privileges.
This behavior is curious though.... in that it only affects anything that the
user with
administrator privileges was the creator of. If another user was a creator of
an item, then
those former members of Group A will continue to have access to those items
created by
those other users, even if all privileges are dropped from that Group. For
instance in the
previous Group A that had all privileges revoked, User One is the
administrator. In this
case Users two and three no longer see any of User One's inputted items (even
though
User two is now in Group C and should be able to have access to them). However
Users
Two and Three can see each others items created while in Group A (even though
User
three no longer has any privileges).
--
SI Reasoning
address@hidden
gpg public key ftp://ftp.p-p-i.com/pub/si-mindspring-pubkey.asc
The significant problems we face cannot be solved by
the same level of thinking that created them.
-Albert Einstein
- [Phpgroupware-users] addressbook ACLs,
SI Reasoning <=