[dev] removeUserData permissions
Karsten Fourmont
fourmont at gmx.de
Sun Jun 11 05:12:11 PDT 2006
Hi,
in Turba, Nag, Mnemo and Kronolith we now have a removeUserData function
in the external api. This deletes all data (like private address book
and history) of a user for the respective app.
removeUserData is automatically called for each app by Auth::removeUser
when a user is removed.
However this doesn't work as expected due to permission issues:
when a user (let's call him "admin") removes a user "jondoe", "admin"
normally doesn't have write (delete) permission on "jondoe"s private
data. So the _delete and _list functions internally used by
removeUserData return "permission denied".
Any ideas how to fix this?
cheers,
Karsten
More information about the dev
mailing list