[bugs] [Bug 1282] New - Shared contacts list

bugs at bugs.horde.org bugs at bugs.horde.org
Sat Jun 14 02:45:39 PDT 2003 

http://bugs.horde.org/show_bug.cgi?id=1282

*** shadow/1282	Sat Jun 14 06:45:39 2003
--- shadow/1282.tmp.26270	Sat Jun 14 06:45:39 2003
***************
*** 0 ****
--- 1,61 ----
+ Bug#: 1282
+ Product: Horde
+ Version: 2.2 Stable
+ Platform: PHP Code
+ OS/Version: Linux
+ Status: NEW   
+ Resolution: 
+ Severity: enhancement
+ Priority: P2
+ Component: IMP
+ Area: BUILD
+ AssignedTo: chuck at horde.org                            
+ ReportedBy: abuse-impbugs at mayday.cix.co.uk               
+ URL: 
+ Summary: Shared contacts list
+ 
+ I have people using imp with the same user name on multiple servers.
+ Quite reasonably imp treats these as different and they have different
+ contact lists.
+ 
+ The users, however, see themselves logging in with the same user and
+ password and expect 'the computer' to see them as the same person and
+ give them their contact list.
+ 
+ Then there's the 'problem' of a real shared contact list 
+ (eg: company clients, webmail support contacts etc)
+ 
+ Allowing multiple users to user the same contact lists would be easy,
+ two extra fields for the names of a private and a public contacts list
+ against each user at server combination.
+ Securely updating these fields is the nasty bit!
+ 
+ One simple method:
+ 
+ Each contact list has a name.
+ 
+ So they can be stored in the current table global ones would either not
+ have an @host suffix or have a suffix of @Contacts_list added.
+ 
+ Each contact list optionally has a password attached.
+   -> Empty password
+       Anybody can set this as their public list. (updates allowed?)
+   -> No password
+       Nobody can _attach_ to this list, however, anybody who is
+       already attached can still use the list.
+   -> Password (hashed)
+       User can attach to the list IF they supply the correct password
+       Anybody who is already attached can use the list without a PW.
+ 
+ Once 'all' users have been attached to a contacts list the pasword can
+ be removed (this means no passwords are stored on the impserver long term)
+ 
+ Only Contacts lists with a password (or empty pw) would be listed for
+ attachment.
+ 
+ That sould be reasonably simple and safe, thankyou for your attention.
+ 
+ NB: Minor addition, while checking bugzilla I had the thought that the ability 
+ to upload and download the contacts list to the browser would be nice. 
+ The format isn't really relevent except that it must be simple (tab seperated?)
+

More information about the bugs mailing list