phpgroupware-developers
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Phpgroupware-developers] phpWebHosting and ACL


From: Jason Wies
Subject: Re: [Phpgroupware-developers] phpWebHosting and ACL
Date: Mon, 24 Jun 2002 20:51:51 -0400
User-agent: Mutt/1.2.5i

On Mon, Jun 24, 2002 at 07:13:02PM -0300, Giancarlo Susin wrote:
> Jason Wies wrote:
> 
>  > Good patch!  Committed to Version-0_9_14-branch and HEAD.  Some
>  > notes:
>  >
>  > - We can't remove the buttons when they don't have access because
>  > ACL support goes down to the file level rather than the directory
>  > level.  It is possible a user would have access to some files in a
>  > directory but not to others.  We can hide the upload form and
>  > Create folder button because those apply on a directory level only.
> 
> I don't understand how can a user have access to some files in a 
> directory but not to others, at least in the current VFS model. When VFS 
> checks for user privileges in a specific file, it relies on function 
> acl->get_rights(). This function doesn't accept a file name as a 
> parameter; it only gets privileges granted from a group to an user  (and 
> lately, to a group too), as stored in table phpgw_acl. This grants to 
> the user uniform access to all content of a given directory. So, seems 
> to me that we still can hide buttons based on directory privileges. 
> Please correct me if I'm wrong.

The VFS is based on the Unix filesystem model, down to home and .app 
directories.  As with the Unix model, files in directories can be owned by 
someone different than the owner of the directory.  For example, say a site 
administrator wants to use the /home/Default directory to post announcements, 
and wants these announcements to be read-only.  For this installation, the ACL 
setting in setup is set to 'grant', so everyone has full read/write access to 
/home/Default (and everyone is a member of the Default group, of course).  So 
how does the administrator add read-only files to this directory?

1. Go to /home/Admins
2. Create or upload file (ANNOUNCEMENT, let's say)
3. Move ANNOUNCEMENT to /home/Default

When the file was created, it was set to ownership "Admins" because that's 
where it was created.  When it was moved, just as in Unix, it retains the 
ownership.  So in the list of files in /home/Default, there will be an 
ANNOUCEMENT file that is owned by Admins and cannot be edited or removed, but 
can be read (assuming read access to Admins was granted to Default).

This does bring up the point of explicitly setting different permissions for a 
single file (if the administrator didn't want to grant read access to Admins, 
for example, but just for this one file).  I see no reason why this shouldn't 
be added.  Another column in phpgw_vfs and a tweak in acl_check is all it will 
take in code, but it deserves some thought as to whether we should follow the 
Unix way of Owner-Group-Other, or perhaps do something all our own.

Jason Wies aka Zone



reply via email to

[Prev in Thread] Current Thread [Next in Thread]