Hi, all. We're about 2 weeks in to using DAViCal at our office here
(staff of 10) and we're generally really appreciating it. We have a mix
of iCal clients and Evolution clients and everything is playing nice
together for the most part.
There's one use case that I can't seem to figure out how to implement:
Allowing a user to have a personal calendar that they manage and that's
synced to the CalDav server, but that isn't available to other users.
If I add a Collection under my Principal, e.g.
/caldav.php/chris/personal/
and set it to have default privileges of only Free/Busy (definitely not
Read), other users on the system can still retrieve the calendar, with
event titles, etc. visible, from the server.
If I change my Principal default privileges to be only Free/Busy (and
not Read), then other users can't read the "office" calendar that I DO
want them to be able to see (e.g. /caldav.php/chris/office/), even when
I have an explicit Read grant for the all-staff Group on that "office"
collection. So I have to put my Principal default privileges back to
Read + Free/Busy, which again allows anyone to see the /chris/personal
details.
The wiki docs (which are somewhat confusing) imply that you can have a
permissive Principal-level privilege set and then get more restrictive
by Collection or by individual grants, but that doesn't seem to work here.
Any suggestions?
Thanks!
Chris
(staff of 10) and we're generally really appreciating it. We have a mix
of iCal clients and Evolution clients and everything is playing nice
together for the most part.
There's one use case that I can't seem to figure out how to implement:
Allowing a user to have a personal calendar that they manage and that's
synced to the CalDav server, but that isn't available to other users.
If I add a Collection under my Principal, e.g.
/caldav.php/chris/personal/
and set it to have default privileges of only Free/Busy (definitely not
Read), other users on the system can still retrieve the calendar, with
event titles, etc. visible, from the server.
If I change my Principal default privileges to be only Free/Busy (and
not Read), then other users can't read the "office" calendar that I DO
want them to be able to see (e.g. /caldav.php/chris/office/), even when
I have an explicit Read grant for the all-staff Group on that "office"
collection. So I have to put my Principal default privileges back to
Read + Free/Busy, which again allows anyone to see the /chris/personal
details.
The wiki docs (which are somewhat confusing) imply that you can have a
permissive Principal-level privilege set and then get more restrictive
by Collection or by individual grants, but that doesn't seem to work here.
Any suggestions?
Thanks!
Chris