[Tickets #10470] Re: full creator permissions on a calendar "all authenticated" can show+read does not imply add privileges
noreply at bugs.horde.org
noreply at bugs.horde.org
Tue Mar 18 13:46:23 UTC 2014
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/10470
------------------------------------------------------------------------------
Ticket | 10470
Updated By | gimili17 at gmail.com
Summary | full creator permissions on a calendar "all
| authenticated" can show+read does not imply add
| privileges
Queue | Kronolith
Version | 3.0.7
Type | Bug
State | Assigned
Priority | 1. Low
Milestone |
Patch |
Owners | Horde Developers, Jan Schneider
------------------------------------------------------------------------------
gimili17 at gmail.com (2014-03-18 13:46) wrote:
I just had someone edit an event they did not create so as far as I
can tell this is still an issue as of March 2014 and Kronolith 4.1.5
but it is also possible I am missing something? As far as I can tell
you can't assume events you add are not changed. With drag and drop
events, it is easy to accidently change an event you do not own by
dragging it to a different day. I think people are not aware of this
bug when they setup shared calendars. It would probably be a lot of
work but a "create" or "add new" option seperate from "edit" would be
really sweet. Even if authenticated users lost the "edit" and
"delete" permissions for events they do not own, that would be great
as well. Thank you kindly.
More information about the bugs
mailing list