[turba] read-only ldap sources
liamr at umich.edu
liamr at umich.edu
Wed Mar 12 18:30:19 UTC 2008
> I'm not entirely sure what you're asking, but if you add
> sub-permissions to an application, then you must set permissions for
> that application. If there are no permissions, we assume authenticated
> users can access the app, guests can't. If any permissions exist (and
> creating children forces the creation of the parent, so it exists),
> then they are honored explicitly.
If I follow this process..
From within the permissions screen in the admin section...
- Add a child permission to "All Permissions" for "Address Book (turba)
- Add a child permission to "Address Book (turba)" for "Sources"
- Add a child permission to "Sources" for the name of the RO LDAP resource
- Change the permssions on the RO LDAP resource to "Show / Read"
for "All Authenticated Users"
.. then the only people who have access to Turba are the ones listed
in $conf['auth']['admins']. To allow the rest of my authenticated
users access, I need add "Show / Read" access to "Address Book" for
"All Authenticated Users".
Which makes me wonder..
- what would Edit or Delete at that permission level allow people do
to / restrict people fro doing?
- do I need to need to assign explicit permissions at the "Sources" level?
- do I need to assign permissions for the other sources ("My Address
Book" or "Favorite Recipients")?
Liam
More information about the turba
mailing list