[giapeto] Permission system broken

Roel Gloudemans roel at gloudemans.info
Wed Sep 1 01:39:00 PDT 2004


>> At the moment (CVS HEAD today) the permission system in Giapeto is broken.
>> Wether or not you're  authorized you'll get a permission denied; except for
>> admin.
>
> Ok, I see the problem. When you set the permissions in Giapeto, it 
> creates the
> perms object as:
> "giapeto:pages:<page_id>"
>
> However, Horde checks for authorisation to use giapeto by checking only the
> object:
> "giapeto"
>
> So even if in Giapeto you give full perms to a user to the home page, 
> they will
> still not be able to get into Giapeto itself since Horde doesn't see the root
> permission to Giapeto. The workaround is to go into the Horde admin 
> and set the
> base permissions as needed, which would be just show/read to default 
> and guest.
> Then the rest will be handled by Giapeto.
>
> The best solution would be to get some hierarchy logic into the Horde
> permissions, so that e.g. a user with an edit permission for a lower 
> node perms
> object should be allowed show/read to the parent nodes.

I'm not near the testsystem at the moment, but in my mind guest/default rights
are set to read/show in the administration interface. The problem was created
after doing a sync with CVS (Horde and all modules).

When I'm home, I will verify that the settings are correct (if they're not I'm
going to feel really stupid, since you told me nothing new)

Thanx,
Roel.



More information about the giapeto mailing list