[Freedombox-discuss] Radicale User rights

Dietmar ndcdhimdsa at gmx.de
Sun May 1 14:04:24 UTC 2016 

Salut Francois,

so my configurations now look like this and up to now are working
properly:

in /etc/radicale/config

>         [rights]
>         type = from_file
>         file = /etc/radicale/rights


rights:

>       * [group calendar]
>       * user: ^(User1|User2)$
>       * collection: ^.*/groupcalendar.ics$
>       * permission: rw
>       * # Give write access to owners
>       * [owner-write]
>       * user: .+
>       * collection: ^%(login)s/.+$
>       * permission: rw
>         
        

rights were previously set to 

> type=owner_only

so I think that a sharing of the calendar would not have been possible.
In contrast to what I read somewhere (forgot where), that every FBx user
could access the calendar. I think we eventually have to change that
because this setting does not allow to replace Guhgel's calendar.

By the way, trying to change the settings of a user in Plinth gives an
error 500. I have no problem with that right now, but maybe there is a
bug?

    Dietmar

Am Mittwoch, den 27.04.2016, 20:00 +0200 schrieb Dietmar:

> Merci bien Francois,
> 
> I will copy your rights for the owner, but I could not find the
> general syntax of this file.
> Can I do something like 
> 
> >         user: User1,User2,User3
> >         collection: ^.*/OurCalendar.ics
> >         permission: rw
> 
> 
> to give the users 1..3 the rights to just the calendar
> OurCalendar.ics?
> 
> This is an intermediate solution I can do, but to have radicale on a
> level where uneducated users can define access rights, I think this
> feature has to be added into plinth. Or does Guhgel-Calendar not have
> such an access control?
> 
>    Dietmar
> 
> Am Mittwoch, den 27.04.2016, 10:09 +0200 schrieb francois at avalenn.eu: 
> 
> > On Tue, Apr 26, 2016 at 08:07:29PM +0200, Dietmar wrote:
> > > I am currently playing with radicale, clients are Evolution and an
> > > Android phone with DAVDroid (was more stable than caldav).
> > > My use case is that I have one calender (just successfully migrated from
> > > owncloud) for my family, where we all have read and write access to.
> > > Now I want to add another calender for friends to organize trips and a
> > > personal task list (Evolution and OpenTasks). The problem of course is
> > > that all users have the same rights on all calenders, so my friends
> > > could read my personal tasks and the family calendar.
> > > 
> > > Changing this is apparently not so easy as the calendars are managed by
> > > radicale, not the FBx. 
> > > I have been wondering if one should not be able to define groups
> > > manually (such as "familyCalender", "friendsCalendar"), assign users to
> > > these groups, the calendars to the groups and then set the corresponding
> > > rights in the radicale configuration. This probably is a heavy user
> > > interface.
> > > 
> > > Does anyone else have such a use case as me?
> > 
> > Yes, and I did not find the way to fulfil it with Radicale when using
> > it with LDAP backend for authentication.
> > 
> > My current approach is to have three types of calendars :
> >   - private (default) which are accessible only to the owner
> >   - shared which are accessible to all the people having an account on
> >     my freedombox
> >   - public which are accessible to everyone with internet access
> > 
> > The corresponding rights configuration file is :
> > 
> >         # This means all users may read and write any collection starting with public.
> >         # We do so by just not testing against the user string.
> >         [public]
> >         user: .*
> >         collection: ^.*/public.*$
> >         permission: rw
> >         
> >         # partage is like public but for authenticated users
> >         [shared]
> >         user: .+
> >         collection: ^.*/shared_.*$
> >         permission: rw
> >         
> >         # Give write access to owners
> >         [owner-write]
> >         user: .+
> >         collection: ^%(login)s/.+$
> >         permission: rw
> > 
> > François
> 
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20160501/06525c88/attachment.html>

More information about the Freedombox-discuss mailing list