[dev] Kolab Share wrapup
Gunnar Wrobel
wrobel at horde.org
Wed Feb 16 12:12:38 UTC 2011
Hi!
the update of the Kolab share backend is complete and the testing has
been aligned with the SQL based backend. I already fixed a few issues
of the test suite in cases where I considered the tests to be having
too much internal knowledge of the SQL backend. There are still a few
issues left and I wanted to summarize my remaining notes and questions
here.
There is one API change that I'd like to suggest:
1) The Kolab backend requires a "name" attribute when creating a share
For the SQL share the "name" attribute is not really relevant and you
could create an unnamed share. For the Kolab backend this is not quite
the same. Let's take the calendars as an example: If a user on a Kolab
backend creates a new calendar within Kronolith he will give it a
name: "Calendar" for example. The user would expect this calendar to
pop up with exactly the same name in Outlook, Kontact or Thunderbird.
For that to work the new calendar will have to be named
"INBOX/Calendar" on the IMAP server. This is however also the only
type of ID reference there is: the folder name on the server. That
means that the "name" attribute and the internal backend ID are
automatically linked for the Kolab backend.
Currently a Kolab share object is considered invalid as long as no
"name" attribute has been set. Actually this approach has worked quite
well in the past (Horde3) since our code always sets a name. But it is
currently not obvious from the API that you *must* set a name if you
use the Kolab backend.
This is the only interface change I would definitely like to see in
the current API. We currently use
public function newShare($owner, $name = '')
{
$share = $this->_newShare($name);
$share->set('owner', $owner);
return $share;
}
and I would like that to be
public function newShare($owner, $share_name = '', $name_attribute = '')
{
$share = $this->_newShare($share_name);
$share->set('owner', $owner);
$share->set('name', $name_attribute);
return $share;
}
As we seem to be setting a share name everywhere in the code anyway I
assume this should pose no problem. Unless nobody disagrees I would
make that change.
Besides that change I would have two questions concerning the SQL
based backend:
1) Visibility of shares to the system user
The "_listSharesSystem" test verifies that the system user only sees
the "systemshare". For the Kolab backend the system users sees
"myshare" as well as the default permission grants Horde_Perms::SHOW.
The SQL driver seems to verify the guest permissions only. Is that
intended or should the check also include the default permissions?
2) Removing shares twice
Why does "removeShare()" not fail with the SQL backend? The Kolab
backend complains that the share does not exist anymore as it has been
already deleted before resetting the cache. Issue or intentional?
Besides the things above I collected a few notes that I wanted to
share. None of these require any action but I'm of course happy if
others have some input on these.
1) The Kolab backend enforces authentication and permission
The SQL backend ignores authentication and the fact that not every
user can do everything with shares. This is visible from the test
suite where the SQL tests initialize the Share handler with
new Horde_Share_Sql('test', 'john', new Horde_Perms(), $group);
The current user is set to 'john' but the user is used to create
system shares and the shares for other users during the tests. This is
something I simply cannot do with the Kolab backend because the IMAP
server will tell me: "Oh, you are John and you really want to create a
share for Jane? Hm, ... NO!" (... unless Jane gave John explicit
permissions on her account). So I have to really switch users during
the test suite.
2) listAllShares()
This call does not really work as expected for the Kolab backend
because it would require real IMAP manager credentials. The SQL
backend can support this call for just any user as it does not heed
the authentication (see (1)).
3) System shares
Not implemented yet and I still have to think about these. The SQL
backend currently assumes that such shares use "null" as the creator
ID. I will probably implement them with a special user account.
4) Different share ID's for each user
The internal ID for shares used by the backend remain the same for the
SQL backend. They switch for each user with the Kolab backend (e.g.
while "INBOX/Calendar" will be the basis for the ID for John, Jane
will see it as "user/John/Calendar"). So far I don't see this as a
problem but I might be able to find a way around it.
--
Core Developer
The Horde Project
e: wrobel at horde.org
t: +49 700 6245 0000
w: http://www.horde.org
pgp: 9703 43BE
tweets: http://twitter.com/pardus_de
blog: http://log.pardus.de
More information about the dev
mailing list