In short:
principal:
- user principal (user who can login and use the system)
- group principal (ONLY for grouping users, these groups are then usable when you grant access on user/resource principals; without using groups for granting/revoking privileges there is NO reason to use them at all /simply adding users into one group means exactly NOTHING/)
- resource (it's very similar to user principal with one exception, resource CANNOT login)
collections:
- each principal (except the group principal) can have one or more collections
- collection is a "storage" for certain type of objects (contacts, events, todos)
- there are two "main type" of collections: addressbook and calendar collections
The URL for a collection looks like:
http://server.com/caldav.php/jack/calendar_a/ where "jack" is a principal, and "calendar_a" is jack's collection.
Simple example, where collections are in square brackets [] and access settings are in curly brackets {} /NOTE: you can define access right on principal and also collection level/:
- user principals:
jack {everybody has no access, Group "sales" has read-write access /NOTE: the owner have ALWAYS full access/}
[jack's calendar A for events] {inherit permissions from the principal (line above)}
[jack's calendar B for events] {inherit permissions from the principal}
[jack's calendar for todos] {inherit permissions from the principal}
[jack's addressbook A] {everybody has no access /NOTE: the owner have ALWAYS full access/}
[jack's addressbook B] {user "james" has read access}
peter {everybody has read access}
[peter's calendar for events] {Group "support" has write access, Group "sales" has read access, User "james" has read access}
[peter's calendar for todos] {inherit permissions from the principal}
[peter's addressbook] {everybody has no access}
john
...
james
...
robert
...
- group principals:
support (members: peter, robert)
sales (members: jack, john)
- resource principals:
cars {everybody has read access}
[BMW's event calendar] {Group "support" has write access, User "james" has write access}
[BMW's todo calendar] {Group "support" has write access, User "james" has write access}
[Mercedes' event calendars] {Group "support" has write access, User "peter" has write access}
[Mercedes' todo calendars] {Group "support" has write access, User "peter" has write access}
systems {everybody has write access}
[System A's event calendar] {inherit permissions from the principal}
[System B's event calendar] {inherit permissions from the principal}
Cheers,
JM
> On 05 Aug 2015, at 18:02, Narcis Garcia <informatica@actiu.net> wrote:
>
> Hello, I'm trying to setup a new CalDAV host with Debian. The software
> installation is done, but now it's turn to create calendars and permissions.
>
> I've read this extense explanation (english is not my native language):
> www.davical.org/administration.php
> But I'm still not understanding the difference between a Resource and a
> Calendar or Addressbook.
>
> I understand that users&groups have the same meaning as system ones
> (access accounts and groups of accounts).
>
> In wiki.davical.org would be useful to write more scenario examples, and
> terms exact definitions.
>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Davical-general mailing list
> Davical-general@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/davical-general
