On Wed, 2010-07-07 at 16:49 -0400, Chris Hardie wrote:
> Hi, all. We're about 2 weeks in to using DAViCal at our office here
> (staff of 10) and we're generally really appreciating it. We have a mix
> of iCal clients and Evolution clients and everything is playing nice
> together for the most part.
>
> There's one use case that I can't seem to figure out how to implement:
>
> Allowing a user to have a personal calendar that they manage and that's
> synced to the CalDav server, but that isn't available to other users.
>
> If I add a Collection under my Principal, e.g.
>
> /caldav.php/chris/personal/
>
> and set it to have default privileges of only Free/Busy (definitely not
> Read), other users on the system can still retrieve the calendar, with
> event titles, etc. visible, from the server.
>
> If I change my Principal default privileges to be only Free/Busy (and
> not Read), then other users can't read the "office" calendar that I DO
> want them to be able to see (e.g. /caldav.php/chris/office/), even when
> I have an explicit Read grant for the all-staff Group on that "office"
> collection. So I have to put my Principal default privileges back to
> Read + Free/Busy, which again allows anyone to see the /chris/personal
> details.
>
> The wiki docs (which are somewhat confusing) imply that you can have a
> permissive Principal-level privilege set and then get more restrictive
> by Collection or by individual grants, but that doesn't seem to work here.
Hi Chris,
There is an unfortunate bug in 0.9.9 which means that granting free/busy
privilege also grants read privilege.
It is fixed in git, and waiting for me to release the next version...
which I had hoped to do *before* I went away on holiday with my
family :-(
Cheers,
Andrew.
--
------------------------------------------------------------------------
andrew (AT) morphoss (DOT) com +64(272)DEBIAN
You have an ambitious nature and may make a name for yourself.
------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.morphoss.com/pipermail/davical-users/attachments/20100708/22a081d4/attachment.pgp>
-------------- next part --------------
> Hi, all. We're about 2 weeks in to using DAViCal at our office here
> (staff of 10) and we're generally really appreciating it. We have a mix
> of iCal clients and Evolution clients and everything is playing nice
> together for the most part.
>
> There's one use case that I can't seem to figure out how to implement:
>
> Allowing a user to have a personal calendar that they manage and that's
> synced to the CalDav server, but that isn't available to other users.
>
> If I add a Collection under my Principal, e.g.
>
> /caldav.php/chris/personal/
>
> and set it to have default privileges of only Free/Busy (definitely not
> Read), other users on the system can still retrieve the calendar, with
> event titles, etc. visible, from the server.
>
> If I change my Principal default privileges to be only Free/Busy (and
> not Read), then other users can't read the "office" calendar that I DO
> want them to be able to see (e.g. /caldav.php/chris/office/), even when
> I have an explicit Read grant for the all-staff Group on that "office"
> collection. So I have to put my Principal default privileges back to
> Read + Free/Busy, which again allows anyone to see the /chris/personal
> details.
>
> The wiki docs (which are somewhat confusing) imply that you can have a
> permissive Principal-level privilege set and then get more restrictive
> by Collection or by individual grants, but that doesn't seem to work here.
Hi Chris,
There is an unfortunate bug in 0.9.9 which means that granting free/busy
privilege also grants read privilege.
It is fixed in git, and waiting for me to release the next version...
which I had hoped to do *before* I went away on holiday with my
family :-(
Cheers,
Andrew.
--
------------------------------------------------------------------------
andrew (AT) morphoss (DOT) com +64(272)DEBIAN
You have an ambitious nature and may make a name for yourself.
------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.morphoss.com/pipermail/davical-users/attachments/20100708/22a081d4/attachment.pgp>
-------------- next part --------------