Tickets :: [#4021] Creator Perms

6.0.0-alpha10

5/15/25

Summary	Creator Perms
Queue	Horde Framework Packages
Queue Version	FRAMEWORK_3
Type	Bug
State	Not A Bug
Priority	1. Low
Owners
Requester	michael.menge (at) zdv (dot) uni-tuebingen (dot) de
Created	06/09/2006 (6915 days ago)
Due
Updated	06/29/2006 (6895 days ago)
Assigned	06/10/2006 (6914 days ago)
Resolved	06/29/2006 (6895 days ago)
Milestone
Patch	No

06/29/2006 09:51:29 AM	michael (dot) menge (at) zdv (dot) uni-tuebingen (dot) de	Comment #8	Reply to this comment
How does User A has to set the permissions that only user B can create Objets in the share and that he can edit only the Objects he has created?

06/29/2006 09:47:32 AM	Jan Schneider	Comment #7	Reply to this comment
All scenarios are working as expected.

06/29/2006 09:40:53 AM	michael (dot) menge (at) zdv (dot) uni-tuebingen (dot) de	Comment #6	Reply to this comment
the intention of object_creator permissions is clear, but at the moment there are some things that are not as they should be. Here are some example settings to show the Problems Lets have the Users A, B and C User A has the share "Shared Share" he wants to share with user B, but he dont want user C to have annithing to du with his share Scenario 1. ---------------------------------------------- user B has (Show Read Edit Delete) object creator has no rights ------------------------------------------- Now user B can do every thing, also Edit and Delete the objects created by user A This is what i would expect and works fine. Scenario 2 ---------------------------------------------- user B has (Show Read ) object creator has Edit and Delete permissons ------------------------------------------- user B can create new objects can edit them and can delete bem but is not able to edit other objects of the user A. BUT user C can create new objects, he cant delete them because he has now Show permission for the share. So he cant select the share Scenario 3 ---------------------------------------------- user B has (Show Read Edit) object creator has Delete permissons ------------------------------------------- user B can create new objects but can EDIT all but his own object. Scenario 4 ---------------------------------------------- user B has (Show Read Edit) object creator has Show permissons ------------------------------------------- User C sees the "Shared Share" in the dorp down selection, but can do nothing with the share.

06/29/2006 09:08:36 AM	Jan Schneider	Comment #5 State ⇒ Not A Bug	Reply to this comment
That's exactly the purpose of the creator permissions. You want to set creator permission if you want to give certain permissions to objects in a share only to the creator of these objects. Since Horde doesn't have permissions on the object-level, only on the share-level, this is the only way to allow users editing and creating objects in a share without allowing them to mess with other users' objects.

06/20/2006 09:37:23 AM	michael (dot) menge (at) zdv (dot) uni-tuebingen (dot) de	Comment #4	Reply to this comment
The Problem is more serious than i thought. If ther edit permission is set for the Object_creator EVERYONE can create new objects in the share

06/12/2006 06:21:34 PM	michael (dot) menge (at) zdv (dot) uni-tuebingen (dot) de	Comment #3	Reply to this comment
If I understand the creator perms right they don't make muche sense. To make the things clear lets talk about calendars (this should also work with adressbooks, tasks ...) At the moment you need the edit permisson to create a new event in a calendar. If you have the edit permission you can edit all events in this calendar. The only usefull permission in this scenacrio is the delete permission. If there were a create permission the creator edit permission would be usefull. Then you could only edit your own events. _________________________________ Back to my problem If user A sets the rights for his calendar Importent_Calendar for the individual user B to show,read,edit and for the object creator to show,read,edit and delete. then user C,D,E,.... will see Importent_Calendar were they choose the calendas to display. this would be no problem if only user A would do this, but if all 33333 users do the same thing user B might get a problem to find the right calendar If user A does not set the object creator show permission but only the edit permission Importent_Calendar would not show at "Select calendars do display" but at "Advanced Search" If users C,D,... would select Importent_Calendar they would see and find nothing.

06/10/2006 05:27:32 PM	Chuck Hagenbuch	Comment #2 State ⇒ Feedback	Reply to this comment
If it worked that way, you could never create an object on the share in the first place. You should see the share if you have read permissions to it - nothing to do with whether you've created objects on it or not. If people are seeing shares they don't have read access to, that's a problem.

06/09/2006 02:42:07 PM	michael (dot) menge (at) zdv (dot) uni-tuebingen (dot) de	Comment #1 Priority ⇒ 1. Low Type ⇒ Bug Summary ⇒ Creator Perms Queue ⇒ Horde Framework Packages State ⇒ Unconfirmed	Reply to this comment
Everyone can select a share, if the creator perrmission to show or to edit are set, even if the user has no objects created in the share. This is no securety issue, but the list of shares can get very long and users might get problems finding the right share. An object creator should only be able to select a share if he has objects in the share