User privileges in HORDE apps
Ari Kuorikoski
kuoriari at smtp.finebyte.com
Fri Mar 15 09:33:40 PST 2002
Hi,
I was wondering that if there is a plan for a module that could handle
user and application level permissions for horde apps. Now we are using
Horde mainly with IMP module, but we would be very interested to start
developing and using the whups module.
I'm not quite sure if this is the right place to tell about my ideas but
here it goes anyway =) I was thinking something like this:
In horde database we have now horde_users table and there is user_uid
varchar(255) and user_pass varchar(32) fields. Lets think that the
user_id should allways be stored in database no mater what login system is
in use. Then we could add a field to db telling which login mehtod to use
(DB|IMAP|FTP etc..). If the users login method <> DB try to login against
this method else compare the login/pw pair on those found in database.
This would allow to add users to horde that don't have the access to the
mail or ftp server that is used for logging in otherwise.
Then we'd need a table for horde application perms. Lets call it
horde_app_perms
It could look something like this:
horde_user_perms
user_id varchar(255)
horde_app varchar(25)
horde_app_perm int
now when accessing a horde app we could check if the user had right to
use this app, or if (s)he happened to be a adminitsrator for that specific
horde application or maybe the user can not even view the current app.
I think this would make horde much more scalable to write more
applications on it. What do you think, I just wanted to share this idea
with you..
--
Linux is like a wigwam. No windows, no gates, apache inside
Ari Kuorikoski
ari.kuorikoski at finebyte.com
FinebyteCom Oy
http://www.finebyte.com
More information about the horde
mailing list