[Tickets #14179] Re: Administration -> Configuration for sites with a vhost config should modify conf-<vhost>.php

noreply at bugs.horde.org noreply at bugs.horde.org
Fri Dec 4 10:56:45 UTC 2015 

DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: https://bugs.horde.org/ticket/14179
------------------------------------------------------------------------------
  Ticket             | 14179
  Updated By         | mike.gabriel at das-netzwerkteam.de
  Summary            | Administration -> Configuration for sites with a vhost
                     | config should modify conf-<vhost>.php
  Queue              | Horde Base
  Version            | Git master
  Type               | Enhancement
  State              | New
  Priority           | 1. Low
  Milestone          |
  Patch              |
  Owners             |
------------------------------------------------------------------------------


mike.gabriel at das-netzwerkteam.de (2015-12-04 10:56) wrote:

Hi Jan,

> How would you differentiate between vhost admins and a global admin  
> that actually wants to edit the central conf.php? At runtime, all  
> conf.php files are merged, so we only know if, at this point,  
> someone is admin. Not if he is admin for a certain vhost.

I would not differentiate between global and vhost admins.

One site scenario could be:

https://default.example.com/horde does only have a conf.php and _no_  
vhost config. The admin of default.example.com can globally  
administrate the Horde installation.

vhost1.example.com/horde provides a horde/conf-vhost1.example.com.php  
file and in this file another admin is shipped by adding  
$conf['auth']['admins'] to this horde/conf-vhost1.example.com.php.  
This should override the global admin privilege and allow this vhost  
admin to configure his vhost.

Another site scenario could be:

All (default) conf.php files are edited by hand (and are derived from  
a default Horde installation) and all Horde instances are vhost  
instances. So configuration of a vhost instance is mainly done via the  
conf-<vhost>.php files. The vhost config files should only stored  
parameter that are not set in the default conf.php.

If the global admin wants to modify vhosts, he needs to do this on  
config file level.

Again, we need to provide the $conf['auth']['admins'] array()  
populated with appropriate site admin logins.

I am aware that this could be fine-granulaed more and more (e.g. there  
could be ACLs in the conf.php file so that some conf.php params are  
not editable in vhosts, etc.).

The point is that at the moment, a Horde service provider cannot  
delegate Horde administration in vhost scenarios at all.

More information about the bugs mailing list