[turba] Address Book Setup Questions
Chuck Hagenbuch
chuck at horde.org
Wed Oct 25 13:05:55 PDT 2006
Quoting Adam Tauno Williams <adam at morrison-ind.com>:
> An option in the source to also limit advanced search to the same fields
> as quick search (just adding the ability to have qualifier multiple
> fields) would be good for me. Like -
> 'restrictedSearchFields' => true
> - would be plenty.
Yeah; I'm hoping for a flash of inspiration for something more sensible. :)
> Permissions (ACLs) can be applied on a per-object (person, company,
> project, etc...) basis in the server. There is an RPC call whereby on
> can check if an operation is allowed; in our CRM application, for
> instance, we just grey-out/disable the submit button for objects the
> user doesn't have the permission to update. (For instance, corporate
> contacts the sales manager wants to distribute but only allow the
> customer account management team to alter; it can get pretty specific).
>
> I can just throw an error if they try to update a contact without
> permissions. Just wanted to make sure there wasn't a better way.
The better way would be moving all of the permissions checks to the
object level instead of the source level. Objects would call their
source object but pass themselves along as an additional parameter. So
most drivers would act as now, but yours could make checks
specifically on the object.
-chuck
--
"we are plastered to the windshield of the bus that is time." - Chris
More information about the turba
mailing list