[kronolith] Clarification on how permissions work on shared calendars

[Ralf Lang]

Am Freitag, 5. August 2011, 17:42:17 schrieb Volker Schmidts:
> Jan Schneider <jan <at> horde.org> writes:
> > Zitat von Volker Schmidts <vsz <at> punk.oc.chemie.tu-darmstadt.de>:
> > > Jan Schneider <jan <at> horde.org> writes:
> > >> Zitat von gimili <gimili17 <at> gmail.com>:
> > >> > Is it possible to have a shared calendar where authenticated users
> > >> > can add events and edit and delete events if they are the creator
> > >> > but only have read access to events where they are not the creator?
> > >> > I can't seem to figure this out.  If I give authenticated users edit
> > >> > permissions they are able to modify all events even if they are not
> > >> > the creator.  If I remove edit permissions they can't add new
> > >> > events.
> > >> 
> > >> Theoretically it should work by giving the user (through default,
> > >> user, or group permissions) read-only permissions, and read-write
> > >> access in the creator permissions.
> > >> 
> > >> Jan.
> > > 
> > > Hi Jan,
> > > 
> > > sorry to dig up this old thread, but after setting up horde and
> > > kronolith I ran
> > > into the very same problem and your solution doesn't work for me. Do
> > > I also have
> > > to set anything in Administration -> Permissions -> kronolith ?
> > 
> > No.
> > 
> > Jan.
> 
> Thanks for the response. Maybe I don't understand the permission system
> correctly then.
> 
> I also have been searching the bug tracker and found #10216, where in
> comment #6 you state: "Writing to a calendar that I don't have edit
> permissions for fails." However in your previous reply you said that
> giving read/write access in the creator permissions should be sufficient.
> 
> If I give authenticated users read/edit permissions (and r/w to the creator
> as you proposed) they can do just that, but they're also able to edit
> events created by other users. If I give them only read permissions (again
> with creator r/w) they are not able to create new events in a shared
> calendar.
> 
> Is this by design? Or some error on my part?
> 
> Volker

Hi Volker, I think it works the following way:

For creating a new event, you need edit perms on a calendar. Creator perms 
apply to events in the calendar after they exist.

User X first has edit perms on a calendar and creates some entries. later the 
creator keeps edit perms but the user's direct edit perms are revoked. He 
should then be able to edit his old entries but not create new ones.

-- 
Ralf Lang
Linux Consultant / Developer

B1 Systems GmbH
Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de
GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537