[turba] Restricting Database Access
Rick Romero
Rick@valeoinc.com
Fri, 7 Sep 2001 07:08:12 -0500
On 6 Sep 2001 at 17:40, Claus Heiko Niesen wrote:
> I don't really like the idea of two different turba installation. I'd
> rather hack search.php and advanced.php and add a little if statement like
> this:
>
> /* Build the directory sources select widget. */
> $source_options = '';
> foreach ($cfgSources as $key => $entry) {
> if (($key != 'restricted_database') || ($imp['user'] ==
> 'the_special_user')) {
> $selection = (isset($source) && $source == $key) ? ' selected' :
'';
> $source_options .= "<option value=\"$key\"$selection >";
> $source_options .= $entry['title'] . "</option>\n";
> }
> }
Since your customizing your installation, you could manually put all
the userid's in the SQL server as the owner of that 'addressbook' ie.
joe,jim,ralph.
Then explode userid into an array, and do a foreach. Kind of like
(really bad php coming up):
/* Build the directory sources select widget. */
$source_options = '';
foreach ($cfgSources as $key => $entry) {
userarray=explode(',',$addressbookowner)
foreach ($userarray)
//Hell, Loop through the array, to see if the current user is one in the
//list - I don't remeber how to reference arrays in php..
if ($imp['user'] == $userarray['currentuser']) {
$selection = (isset($source) && $source ==
$key) ? 'selected' : '';
$source_options .= "<option
value=\"$key\"$selection >";
$source_options .= $entry['title'] . "</option>\n";
}
}
}
That's what I get for re-using already modified code...
I hope you get the idea. I spend too much time in FoxPro...
Rick
>
> Thanks for your help Jan
> Claus
>
> Hint: The user name is stored in $imp['user']. However, this might only
> be true since IMP is the application that handles user verification for
> me. Somebody might want to correct me on this.
>
> At 05:04 PM 09/06/2001, you wrote:
> >We currently have no acls implemented.
> >
> >The only thing I could think of is to install turba in two different
> >directories with different authentication themes.
> >
> >Jan.
> >
> >Zitat von Claus Heiko Niesen <cniesen@gmx.net>:
> >
> > > I added a foreign table that contains e-mail addresses to the source.php
> > > with success. Currently anybody that has access to IMP can utilize the
> > > database. I would like to restrict that to a selected few people. The
> > > database itself doesn't contain any information regarding who is allowed to
> > > access it and who isn't. The perfect thing would be to display the
> > > database as a choice to only the people that have access to it. I was
> > > wondering if there is some mechanism in place.
> > >
> > > Claus
> > >
> > > Hint: To combine a first and last name field to be used in turba use the
> > > following mapping in source.php:
> > > 'name' => 'first_name || \' \' || last_name'
> > >
> > >
> > > --
> > > Turba mailing list: http://horde.org/turba/
> > > Frequently Asked Questions: http://horde.org/faq/
> > > To unsubscribe, mail: turba-unsubscribe@lists.horde.org
> > >
> > >
> >
> >
> >::::::::::::::::::::::::::::::::::::::::
> >AMMMa AG - discover your knowledge
> >:::::::::::::::::::::::::::
> >Detmolder Str. 25-33 :: D-33604 Bielefeld
> >fon +49.521.96878-0 :: fax +49.521.96878-20
> >http://www.ammma.de
> >::::::::::::::::::::::::::::::::::::::::::::::
> >
> >--
> >Turba mailing list: http://horde.org/turba/
> >Frequently Asked Questions: http://horde.org/faq/
> >To unsubscribe, mail: turba-unsubscribe@lists.horde.org
>
>
>
> --
> Turba mailing list: http://horde.org/turba/
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: turba-unsubscribe@lists.horde.org
>
Sincerely,
Rick Romero
IT Manager
Valeo, Inc.
rick@valeoinc.com
262-695-4841