Re: [Phpgroupware-developers] phpWebHosting and ACL

[Giancarlo Susin]

Jason Wies wrote:

> Again, only user <-> group, no user <-> user or group <-> group.  Try these 
> steps:
>
> 1. Go to Administration, make sure user and group have access to phpwebhosting
> 2. Administration -> User groups -> Edit group -> ACL icon next to phpwebhosting
> 3. For the user in question, check the boxes for Read and Add, submit
> 4. Log in as user, go Up to /home, then into the group's directory
> 5. Upload a file, should work
> 6. Edit the file, it should work until you try to Save it, in which case an 
> error message is displayed
> 7. Delete the file, shouldn't work
>
> The above works fine for me on a fresh 0.9.14 install + the one-liner patch.


Following your directions now I see this kind of sharing is working fine.


> The function that controls ACL access is vfs->acl_check ().  Functions such as vfs->read 
> (), vfs->write (), vfs->rm (), etc. call vfs->acl_check () with PHPGW_ACL_READ, 
> PHPGW_ACL_EDIT, PHPGW_ACL_DELETE, etc.  phpwebhosting doesn't handle much of anything itself, 
> it relies on the VFS to do the checking.


These checkings done in VFS allow very trustable applications.


> Things that you could add if you wanted:
>
> * Respect ACL setting in setup
> * Make acl_check () work for user <-> user and group <-> group
>
> Both of these should be pretty easy, I'll add them when I get the chance, but 
> you're welcome to beat me to it :)


Not so easy to me... Past 2 days, I've submitted a patch to add this. 
Please see 
http://savannah.gnu.org/patch/?func=detailpatch&patch_id=370&group_id=509

Thank you for your help!

Giancarlo