Thanks dre, I realised after asking that it had moved to a postgres backed datastore. Although, I guess we could have 2 cardDAV servers running, one in read only and the other in read-write, but both on the same DB backend? In the read only server, authentication would be valid for all listed in the ou=people branch of the directory, but the read-write server would only allow connection from specific roles...just a thought, or is this completely outrageous? I'll also be sure to check out gaya's branch to see what direction is being taken there, perhaps I can help out with that. Tom On Dec 17, 2012, at 08:32 PM, Andre LaBranche <dre@mac.com> wrote: On Dec 14, 2012, at 5:30 AM, Thomas Harvey <harvey.t@mac.com> wrote:
I've got myself a nice new CardDAV server setup and I'm working on the user accounts - just through the XML based directory. I would like to have one collection of contacts which has an admin user with read/write access but to also have a subordinate user who can connect to this collection with read only access. I don't particularly need to be able to provide a separate contacts collection for the subordinate user.
The current thinking is to have a Principal which is listed in the caldavd.plist as a ReadPrincipal and then to symlink the folder for that principal into another location, which is listed as AdminPrincipals - Is this really the best way to do this?
Symlinks probably won't help you here; the Calendar Server backend is a postgres database. It used to be a filesystem, but that was a long time ago... Unfortunately I don't think there's currently any support in the server for what you're asking for. There is a 'read only server' switch, but it's global for the entire service. There is some CardDAV sharing stuff in development, but it's not release-quality yet. Here's the branch if you're curious what is being done: http://trac.calendarserver.org/log/CalendarServer/branches/users/gaya/shared... Cheers, -dre