[turba] turba permissions....

[Chuck Hagenbuch]

Quoting Marko Djukic <marko at oblo.com>:

> Don't think we can assume that public sources are editable if there is no 
> owner field.

Correct...

> We need an extra bit of info to determine a public source which is 
> private, hence editable when no user.

Huh?

> - If this is only personal_ldap case do we put a fix in for just that?

What is "personal_ldap"? Please don't use source names as technical terms.
They are array keys and should be treated as nothing more.

> - Or do we put a fix in for example checking any source which has
> "personal_" as the start of their name is assumed to be personal hence 
> full permissions?

No.

> - Or another setting in sources? personal true/false... ideally it would
> be good to be able to set a three step field: personal/owner/public scope 
> since they are mutually exclusive and define the permissions behaviour 
> well (plus reduce the ever growing number of settings to fiddle with).

The whole problem though is that we can't store an "owner" easily for some
backends.

-chuck

--
Charles Hagenbuch, <chuck at horde.org>
must ... find ... acorns ... *thud*