Dear all, I would like to provide our staff a shared address book, hosted on a DCS running on an Ubuntu server. Everything works fine so far, except that anyone having access to the shared address book (via a shared CardDAV user account) is able to write changes, even accidentally. I've read that there was some development with respect to shared address books in the past. Can someone please tell me what the current situation is? Is there any path to set up DCS in a way that there is an owner of an address book with write access and other users or groups with read-only access to the same resource? Thanks in advance for any clue Carsten
Hi, The only immediate answer I have is the service-wide caldavd.plist setting: EnableReadOnlyServer When set to true, nothing is writable. There may be another option in the future, as we have been developing more stuff around shared address book collections, however we haven't yet had a release with any of those features. Also I don't believe there is any client support anywhere for managing shared address books, although that doesn't mean you can't use the feature(s), it just means you have to hand-craft some requests to manage the sharing state. -dre
On Jul 29, 2014, at 12:18 AM, Carsten Pohle <cpohle@gmail.com> wrote:
Dear all,
I would like to provide our staff a shared address book, hosted on a DCS running on an Ubuntu server. Everything works fine so far, except that anyone having access to the shared address book (via a shared CardDAV user account) is able to write changes, even accidentally.
I've read that there was some development with respect to shared address books in the past. Can someone please tell me what the current situation is? Is there any path to set up DCS in a way that there is an owner of an address book with write access and other users or groups with read-only access to the same resource?
Thanks in advance for any clue
Carsten _______________________________________________ calendarserver-users mailing list calendarserver-users@lists.macosforge.org https://lists.macosforge.org/mailman/listinfo/calendarserver-users
Hi Andre, thanks for your reply.
The only immediate answer I have is the service-wide caldavd.plist setting:
EnableReadOnlyServer
When set to true, nothing is writable.
Since the server hosts also calendards and other address books that must be writable to all principals, this would not be a solution. But maybe - as a workaround - one could set up a second, read-only server and transparently replicate / pull any changes from the first (read/write) one? It then would be possible to configure the read-only server for some users and the main server for others. Did anyone implement such a setup? Is there some documentation or HOWTO available?
There may be another option in the future, as we have been developing more stuff around shared address book collections, however we haven't yet had a release with any of those features. Also I don't believe there is any client support anywhere for managing shared address books, although that doesn't mean you can't use the feature(s), it just means you have to hand-craft some requests to manage the sharing state.
I'm afraid this won't be possible without some documentation. Currently, the lack of (at least a little) more comprehensive docs is _the_ major obstacle in implementing the open source DCS in production environments. Obviously, this is an (intended) point for buying OS X server ;-). Carsten
participants (2)
-
Andre LaBranche
-
Carsten Pohle