[turba] read-only ldap sources
Chuck Hagenbuch
chuck at horde.org
Wed Mar 12 17:44:20 UTC 2008
Quoting liamr at umich.edu:
> Do We need to set permissions for each child permission added? I'd
> tried only setting the permissions of the RO LDAP resource, and when I
> tried to access Turba as a non-admin user, the log said
>
> Dec 04 17:32:37 HORDE [debug] [] User webtest does not have READ
> permission for turba [on line 795 of
> "/usr/local/projects/webmail/html-dev/horde/lib/Horde/Registry.php"]
>
> To allow access the test user to access Turba, I had to grant each "show
> / read" to each child.
>
> What permissions should I be setting (show, read, edit, delete), and
> what are the implications?
I'm not entirely sure what you're asking, but if you add
sub-permissions to an application, then you must set permissions for
that application. If there are no permissions, we assume authenticated
users can access the app, guests can't. If any permissions exist (and
creating children forces the creation of the parent, so it exists),
then they are honored explicitly.
-chuck
More information about the turba
mailing list