[turba] read-only ldap sources
liamr at umich.edu
liamr at umich.edu
Wed Mar 12 16:08:01 UTC 2008
Do We need to set permissions for each child permission added? I'd
tried only setting the permissions of the RO LDAP resource, and when I
tried to access Turba as a non-admin user, the log said
Dec 04 17:32:37 HORDE [debug] [] User webtest does not have READ
permission for turba [on line 795 of
"/usr/local/projects/webmail/html-dev/horde/lib/Horde/Registry.php"]
To allow access the test user to access Turba, I had to grant each "show
/ read" to each child.
What permissions should I be setting (show, read, edit, delete), and
what are the implications?
Liam
Quoting Chuck Hagenbuch <chuck at horde.org>:
> Quoting Liam Hoekenga <liamr at deathstar.org>:
>
>> I just want to confirm the process of marking an LDAP source as
>> read-only. We'd had trouble with this when we'd tried to deploy Horde
>> 3.1 last fall, and I'm not sure if it's explicitly documented anywhere.
>>
>> To make a read-only LDAP source, you need to use the permissions systems
>> (and to use the permissions system, you need to have DataTree turned on?).
>>
>> From within the permissions screen in the admin section...
>> - Add a child permission to "All Permissions" for "Address Book (turba)
>> - Add a child permission to "Address Book (turba)" for "Sources"
>> - Add a child permission to "Sources" for the name of the RO LDAP resource
>> - Change the permssions on the RO LDAP resource to "Show / Read" for
>> "All Authenticated Users"
>
> Correct.
>
>> Do you need to worry about the others permission groups ("All
>> Authenticated Users", "Guest Permissions", "Creator Permissions") in
>> this situation, esp. if we only allow authenticated users to access turba?
>
> No, you're all set.
>
> -chuck
> --
> Turba mailing list - Join the hunt: http://horde.org/bounties/#turba
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: turba-unsubscribe at lists.horde.org
>
More information about the turba
mailing list