[horde] Object Creator Permission

Jan Schneider jan at horde.org
Sun Mar 1 11:41:49 UTC 2009

Zitat von Alfonso Marín Marín <almarin at um.es>:

> Hi all,
> We are trying to use kronolith shared calendars to manage shared  
> resources (cars, meeting-rooms, etc). We need:
> - Only a group of users can see the calendars and make reservations
> - Every user can only edit or delete their own reservations.
> To achieve that, we are using:
> - SHOW and READ perms to that group of users.
> - MODIFY + DELETE to "creator object".
> It works, but we have a problem: the calendars are available for  
> writing to all users because of the "creator object" permisson.
> It happend because kronolith (and in every horde application) checks  
> only for EDIT permissions.
> So i have 2 questions:¿ Does another another permission combination  
> exist to achieve that scenario?

No, and how should that work anyway? If the users wouldn't have  
permissions to create events, how should they be able to modify/delete  
them with their owner permissions at a later point?

> ¿Would it be reasonable checking for SHOW perms in creating  
> aplication forms? I think that an user should create events from  
> application UI only in those calendars that are accesible from the  
> UI (i mean, only in those calendars with SHOW perms).

No, show is show, edit is edit. The difference is pretty clear and  
changing the behavior would be unintuitive and confusing.


Do you need professional PHP or Horde consulting?

More information about the horde mailing list