[turba] read-only ldap sources

Chuck Hagenbuch chuck at horde.org
Wed Mar 12 17:44:20 UTC 2008


Quoting liamr at umich.edu:

> Do We need to set permissions for each child permission added?  I'd
> tried only setting the permissions of the RO LDAP resource, and when I
> tried to access Turba as a non-admin user, the log said
>
> Dec 04 17:32:37 HORDE [debug] [] User webtest does not have READ
> permission for turba [on line 795 of
> "/usr/local/projects/webmail/html-dev/horde/lib/Horde/Registry.php"]
>
> To allow access the test user to access Turba, I had to grant each "show
> / read" to each child.
>
> What permissions should I be setting (show, read, edit, delete), and
> what are the implications?

I'm not entirely sure what you're asking, but if you add  
sub-permissions to an application, then you must set permissions for  
that application. If there are no permissions, we assume authenticated  
users can access the app, guests can't. If any permissions exist (and  
creating children forces the creation of the parent, so it exists),  
then they are honored explicitly.

-chuck


More information about the turba mailing list