[turba] Address Book Setup Questions

[Chuck Hagenbuch]

Quoting Adam Tauno Williams <adam at morrison-ind.com>:

> An option in the source to also limit advanced search to the same fields
> as quick search (just adding the ability to have qualifier multiple
> fields) would be good for me.  Like -
>      'restrictedSearchFields' => true
>  - would be plenty.

Yeah; I'm hoping for a flash of inspiration for something more sensible. :)

> Permissions (ACLs) can be applied on a per-object (person, company,
> project, etc...) basis in the server.  There is an RPC call whereby on
> can check if an operation is allowed;  in our CRM application, for
> instance, we just grey-out/disable the submit button for objects the
> user doesn't have the permission to update.  (For instance, corporate
> contacts the sales manager wants to distribute but only allow the
> customer account management team to alter;  it can get pretty specific).
>
> I can just throw an error if they try to update a contact without
> permissions.  Just wanted to make sure there wasn't a better way.

The better way would be moving all of the permissions checks to the  
object level instead of the source level. Objects would call their  
source object but pass themselves along as an additional parameter. So  
most drivers would act as now, but yours could make checks  
specifically on the object.

-chuck

-- 
"we are plastered to the windshield of the bus that is time." - Chris