6.0.0-alpha12
6/12/25

[#4354] turba offers to "copy / move" into RO datasources
Summary turba offers to "copy / move" into RO datasources
Queue Turba
Queue Version 2.1.2
Type Bug
State Not A Bug
Priority 1. Low
Owners
Requester liamr (at) umich (dot) edu
Created 08/28/2006 (6863 days ago)
Due
Updated 08/29/2006 (6862 days ago)
Assigned 08/29/2006 (6862 days ago)
Resolved 08/29/2006 (6862 days ago)
Github Issue Link
Github Pull Request
Milestone
Patch No

History
08/29/2006 09:33:39 PM Chuck Hagenbuch Comment #7
State ⇒ Not A Bug
Reply to this comment
It was in the changelog, but could probably be a little more 
prominent. It's the only way to set perms on sources now.
08/29/2006 09:11:05 PM liamr (at) umich (dot) edu Comment #6 Reply to this comment
Ok... that seemed to work, but isn't that straight forward.  Is the 
Permissions stuff documented someplace?
08/29/2006 08:57:33 PM Chuck Hagenbuch Comment #5 Reply to this comment
Administration -> Permissions
08/29/2006 08:46:04 PM liamr (at) umich (dot) edu Comment #4 Reply to this comment
How?  I don't see anything in sources.php that suggests that it makes 
a source editable or not.



I even checked the source.php.dist in CVS and HEAD doesn't seem to 
have a flag for it.
08/29/2006 08:01:15 PM Chuck Hagenbuch Comment #3
State ⇒ Feedback
Reply to this comment
The IMSP and null drivers have hasPermission() functions - the IMSP
driver even interpreting IMSP ACLs to see what the user is allowed to
do.  Perhaps the LDAP driver should do something similar?  Like...
assume that if we're bound anonymously, that we can't alter data in
the directory?
I know that's generally going to be correct, but not always, right? Is 
there a reason you can't just remove edit permissions on that source 
in your permissions setup?
08/29/2006 04:57:21 PM liamr (at) umich (dot) edu Comment #2 Reply to this comment
After seeing that turba also offers the ability to add a contact to a 
RO ldap source, and digging around a little, it looks like turba just 
assumes that all ldap sources are RW.



The IMSP and null drivers have hasPermission() functions - the IMSP 
driver even interpreting IMSP ACLs to see what the user is allowed to 
do.  Perhaps the LDAP driver should do something similar?  Like... 
assume that if we're bound anonymously, that we can't alter data in 
the directory?
08/28/2006 09:23:28 PM liamr (at) umich (dot) edu Comment #1
Priority ⇒ 1. Low
Type ⇒ Bug
Summary ⇒ turba offers to "copy / move" into RO datasources
Queue ⇒ Turba
State ⇒ Unconfirmed
Reply to this comment
We've got two data sources defined for our installation -  RW 
mysql-backed personal addressbooks, and a RO institutional LDAP   
"white pages".



Browse offers users the ability to "Move, Copy to" the RO LDAP 
instance.  It seems that "Move, Copy" should only be offered when 
there are RW data sources available (other than the source you're 
moving or copying from).  If a user tries to copy a record into a RO 
data source, they get an ugly (and potentially confusing) error.



In the case when there are multiple data additional data sources 
available (eg RO ldap, RW SQL and RW IMSP), "Move, Copy" should only 
offer the RW data sources in the pull-down menu.

Saved Queries