[Tickets #10470] full creator permissions on a calendar "all authenticated" can show+read does not imply add privileges
bugs at horde.org
bugs at horde.org
Wed Aug 31 14:29:48 UTC 2011
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/10470
------------------------------------------------------------------------------
Ticket | 10470
Created By | Ralf Lang (B1 Systems GmbH) <lang at b1-systems.de>
Summary | full creator permissions on a calendar "all
| authenticated" can show+read does not imply add
| privileges
Queue | Kronolith
Version | 3.0.7
Type | Bug
State | Unconfirmed
Priority | 1. Low
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
Ralf Lang (B1 Systems GmbH) <lang at b1-systems.de> (2011-08-31 14:29) wrote:
See also mailing list. As you describe the intendedbehaviour I assume
this is a bug.
If you think the slightly dated version 3.0.7 is an issue I'll verify
against git.
> > Well yes, it's logical. The creator of an event has permission [xyz] but
> > an event that doesn't exist has no creator. I still have to figure how
> > that works. Probably we're missing something here. It's not a
> > bleeding-edge new thing after all.
>
> How it worked in Horde 3 and how it's still supposed to work in Horde
> 4, is that setting creator permissions implicitly sets add permissions
> too. So even if not all authenticated users have write permissions,
> they all have add permissions as soon as they have creator permissions.
>
> Jan.
Actually no, and it seems to be consistent between traditional and ajax view.
test setup:
login admin.
create system calendar "permstest"
Setup matrix:
all auth gets show + read
normal user "testuser1" gets no on calendar perms
object creator gets full perms
logout admin.
login testuser1 (traditional)
create event.
Dropdown "calendar" doesn't offer 'permstest'
change to ajax
create event
Dropdown "calendar" doesn't offer 'permstest'
More information about the bugs
mailing list