[horde] Ansel gallery permissions

Arjen de Korte arjen+horde at de-korte.org
Wed Jun 26 06:31:24 UTC 2013 

Citeren Simon Wilson <simon at simonandkate.net>:

>> Two things for Ansel permissions:
>>
>> 1. I have my preferences for Ansel set to:
>>
>> When a new gallery is created, what permissions should be given to  
>> authenticated users by default? Read-only
>> When a new gallery is created, what default permissions should be  
>> given to groups that the user is a member of? None
>> When a new gallery is created, what permissions should be given to  
>> guests by default? None
>>
>> When I create a new Gallery, no-one else can see it. Set  
>> Permissions on that gallery show everything empty. If I tick  
>> Show/Read for All Authenticated Users, then they can view the  
>> gallery, as I would have expected would happen by default from my  
>> Preference settings.
>>
>>
>> 2. I have top-level Horde permissions set for Ansel as:
>>
>> a:3:{s:4:"type";s:6:"matrix";s:6:"groups";a:1:{s:58:"cn=HordePhotosAccess,ou=hordegroups,dc=simonandkate,dc=lan";i:30;}s:5:"guest";i:6;}
>>
>> Which is the group set to Show/Read/Edit/Delete, and Guest set to Show/Read.
>>
>> Objective 1 is that all users can generate their own Galleries,  
>> delete them if they want, and set permissions, which the Group  
>> access provides.
>> Objective 2 is I would like to be able for non-authenticated guests  
>> to browse to https://mail.simonandkate.net/ansel/ and see the  
>> galleries that Guests are allowed to see, and then able to browse  
>> those galleries without logging in, which is what the Guest access  
>> should provide.
>>
>> When I set a gallery to All Authenticated Users Show/Read, and  
>> Guest Permissions Show/Read, I cannot get access to that gallery  
>> without logging in.  
>> https://mail.simonandkate.net/ansel/view.php?gallery=10 always  
>> bounces to Log in page, as does https://mail.simonandkate.net/ansel/
>>
>> What am I doing wrong? Changing permissions for Auth Users responds  
>> immediately, so it's not caching somewhere... how do I get non-auth  
>> access to guests?
>>
>> Simon
>>
>
> Ahh frustrating sometimes how all of these things inter-connect! I  
> have enabled caching (Hashtable / redis) to improve performance and  
> reduce calls to the weather api.
>
> If I *disable* Horde Caching, I can generate proper permissions that  
> are flowed through immediately. Re-enable caching, and the cached  
> (now incorrect) permissions return. The way I am doing it is this  
> sequence:
>
> 1. Disable horde cache
> 2. Change permissions
> 3. redis-cli flushall
> 4. Re-enable horde cache
>
> I could probably do it with a redis-cli flush-all only. I will log  
> an enhancement request for that.

Do you have share caching $conf[share][cache] enabled? In that case,  
this is expected behaviour.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 308 bytes
Desc: PGP digitale ondertekening
URL: <http://lists.horde.org/archives/horde/attachments/20130626/a8a5901b/attachment-0001.bin>

More information about the horde mailing list