[kronolith] Uncovered scenario "room time schedule" by Horde?

Tine Mezgec tine.mezgec at upr.si
Mon Dec 15 13:31:39 UTC 2008 

Jan Schneider wrote:
> Please keep discussions on the list.
> 
> Zitat von Moukharski Anton <moukhara at esiee.fr>:
> 
>>
>>
>> Jan Schneider a écrit :
>>> Zitat von Moukharski Anton <moukhara at esiee.fr>:
>>>
>>>> Hello,
>>>> I was looking for a calendar to use for the time schedule of a room 
>>>> in my school, and a friend advised to use horde, already installed 
>>>> in my organisation's server (http://bde-esiee.esiee.fr/horde/).
>>>> However, after trying out different combinations and looking around 
>>>> in the wiki and a bit on google, I couldn't quite get Kronolith to 
>>>> run the way I would like it to.
>>>>
>>>> Do you have any suggestions on the implementation of the following 
>>>> scenario?
>>>>
>>>>   *  I create a calendar representing the time schedule of a room. I
>>>>     have full powers over the calendar.
>>>>   * Anyone can see the full contents of the calendar, simply by
>>>>     visiting an easy to memorize URL (or I'll make a redirection).
>>>>   * Authenticated users of one group can change and delete events in
>>>>     the calendar, but only their own. I should be the only one able to
>>>>     edit/delete other's events. Eventually, events cannot criss-cross.
>>>>
>>>> Problems encountered :
>>>>
>>>>   * I can't seem to distinguish event property in terms of
>>>>     edit/deletion. That is, either everyone can edit/delete everyone's
>>>>     events, either no one can. Plus, groups cannot be seen in the
>>>>     group list of a calendar's permissions.
>>>
>>> You want to use the "creator" permissions.
>>
>> I've tried that already, but now having retried it understood that 
>> global kronolith permissions are maximum permissions for calendars, 
>> not actual ones (I had authorized every operation for creators but 
>> under global permissions only). So that's ok.
>> Now the problem is for the other room I wish to administrate : here 
>> not all of the horde users should be able to edit it, but only some. 
>> The problem is that if I add individual users (I can't add groups...), 
>> they will have full rights over all the events, and if I authorize 
>> individual user only show/read rights, and edit/delete to object 
>> creators, horde users who are not supposed to be able to modify this 
>> new calendar still can.
> 
> Yes, there is no combination of creator/user permission. If I understand 
> you correctly, you want to give general access to a few users only, but 
> even then only allow them to edit their own events. That's not possible, 
> unless by obscurity, i.e. you can simply hide the calendar to everyone 
> but these users. Other users could still use them if they know the 
> calendar ids.
> 
>>>>   * I can't choose a calendar's URL.
>>>
>>> Why not? What do you mean?
>>
>> The calendar's "display URL" cannot be customized.
> 
> Correct. How should that work anyway? The URL has to point to a valid 
> and working script.
> 
> Jan.
> 

you could have an .htaccess in the root of horde installation that uses mod_rewrite (and a nice gui for editing it).

LPT

More information about the kronolith mailing list