[kronolith] Limiting the creation of Remote Calendars
Jens Wahnes
wahnes at uni-koeln.de
Fri Nov 17 14:47:01 UTC 2017
Is there a way to control as admin what kind of remote calenders users
may create? I could not find any hooks in Kronolith for this. There
seem to be no "Permissions" for this either. For example, one cannot
set a permission to e.g. limit the number of remote calendars that a
certain user can create.
Did I miss something obvious? Or is there really no way to restrain
user actions with regard to remote calendars?
There is one thing in particular that I would like to do: check the URL
of a remote calendar entered by a user via the web interface and reject
it if it fails some test (e.g. a regular expression check). Is there
any way to do this? If I were to set
$_prefs['remote_cals']['hook'] = true;
in kronolith/config/prefs.local.php, would that help? If so, how would
I control the allowed values of that pref?
The problem at hand at our site is that users enter nonsense URLs as
"remote calendars" and the Horde server then queries these URLs.
However, these websites do not offer CalDAV/ICS calendars but just
webbased calenders to be viewed through a browser. To the remote
websites, it looks like the Horde server is the origin of lots of
strange HTTP requests (i.e. REPORT or PROPFIND) that they find disturbing.
The only way around this that I can see currently is to use Horde's
proxy settings to have the remote calendar URLs fetched through a proxy
server. That way, I could add restrictions in the proxy server so that
certain URLs will never be fetched. But that is rather ugly, as it only
limits the nuisance for the remote server operators. The users that
entered the nonsense URL do not receive any notice about this and may
even get angry that their remote calendar is "not working". So I'd
rather reject the creation of nonsense remote calendars in the first place.
Jens
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5326 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.horde.org/archives/kronolith/attachments/20171117/ae8a8b3d/attachment.bin>
More information about the kronolith
mailing list