[gollem] Read-only access for backends

Vijay Mahrra vijay.mahrra at es.easynet.net
Thu Jun 23 04:34:24 PDT 2005


Jan Schneider wrote:

> Zitat von Vijay Mahrra <vijay.mahrra at es.easynet.net>:
> 
> There are already backend specific permissions for Gollem. If they are
> not used everywhere, it's a bug, and patches to fix this are welcome.

I would like to submit fix patches, but I need to make sure I understand
everything first.  Please could you help clarify: 

1) How should Horde permissions (in theory if not implemented) affect
Gollem?

In the docs/TODO file it says:
- Manager: permissions
but I couldn't really find anywhere else an explanation of what that refers
to exactly, so I'm guessing the following:

If I set the following permissions (and the users don't have admin rights):

A horde user C wants to be able to upload/edit/delete/modify files using
Gollem to a file backend, but don't want other users of the same Horde
installation A to have the same rights they have on that backend,
effectively others must have only show/read/download permissions (and hide
those related options within the interface)

A - All Authenticated Users     SHOW/READ
B - Guest Permissions     SHOW/READ
C - Individual Users (JBLOGGS)  SHOW/READ/EDIT/DELETE

i) Does this mean that A and B can both view Gollem and the backends, but A
can also edit (but not delete) and C can do all of the above?

At the moment (using the CVS version) with the above permissions A still can
create/delete files, whilst B doesn't actually work at all - the client is
redirect to the login screen.

ii) If C has no perms for EDIT/DELETE is it sensible that they should not be
able to view the upload file dialogue and the actions select-list options?

iii) If C EDIT but no DELETE they should be able to view everything except
the DELETE option from the select list option to delete?

iv) Should we be able set these permissions on a per backend basis?  Because
at the moment such permissions would affect all backends.

2) Regarding the backend-specific perms you mentioned already exist.

i) The backend array value 'attributes' does have 'permission' but as far as
i can tell this has no effect on whether or not all users can
add/edit/delete files.

ii) Should there be a 'permission' setting with the values for Horde perms
SHOW/READ/EDIT/DELETE or 'readonly' in the params array?  

For example if the backend is an ftp account with an ISP somewhere and you
don't want to give users of your Horde installation permission to do
anything other than download from the backend that uses your ftp
credentials.

I hope you can follow my points as it is rather complicated to explain.

Vijay


More information about the gollem mailing list