[horde] Object Creator Permission

Alfonso Marín Marín almarin at um.es
Mon Feb 23 13:10:41 UTC 2009

Hi all,

We are trying to use kronolith shared calendars to manage shared 
resources (cars, meeting-rooms, etc). We need:
- Only a group of users can see the calendars and make reservations
- Every user can only edit or delete their own reservations.

To achieve that, we are using:
- SHOW and READ perms to that group of users.
- MODIFY + DELETE to "creator object".

It works, but we have a problem: the calendars are available for writing 
to all users because of the "creator object" permisson.

It happend because kronolith (and in every horde application) checks 
only for EDIT permissions.

So i have 2 questions:¿ Does another another permission combination 
exist to achieve that scenario?

¿Would it be reasonable checking for SHOW perms in creating aplication 
forms? I think that an user should create events from application UI 
only in those calendars that are accesible from the UI (i mean, only in 
those calendars with SHOW perms).


More information about the horde mailing list