[CalendarServer-users] Adding principals
Rick Davis
roodavis at mac.com
Fri Sep 8 22:05:34 PDT 2006
On Sep 5, 2006, at 10:08 PM, Rick Davis wrote:
> On Sep 5, 2006, at 10:25 AM, Cyrus Daboo wrote:
>
>> As described on the wiki page, each user should be given <DAV:all>
>> privileges to their own calendar home collection. So it should be
>> possible to do anything in that collection once authenticated.
>
>
> Can you give me an example of a user set up with all privileges to
> his calendar collection, all privileges to a shared calendar folder
> and read only or no access to other users calendars. I was able to
> get all users the ability to publish calendars, but unfortunately
> they were allowed to publish to any users folder. Not just their
> own. So far all changes I have tried result in all or nothing.
>
> I'm hoping to set this up for a school in the next week or two with
> about forty teachers (and possibly for the 900+ students). Before
> they run out and buy Now-Up-To-Date.
>
> I wrote a small app a couple of summers ago to create an XML file
> for importing users into OS X server using fields from a tab-
> delimited file of users first and last name. It generates the
> shortname and password according to selections made and then writes
> the xml file. I was able to modify it last night to generate a
> properly formatted repository-dev.xml. If I can get the privileges
> worked out I should be able to generate the repository-dev.xml for
> 100+ users in just a few minutes.
>
> Also, is there a graceful way to quit iCalServer or reload the
> repository-dev.xml file? Right now when I want to make changes I
> terminate the shell. Delete the previous principals, users and
> calendars then ./run again.
>
> Thanks and Have A Great Day.
>
> Rick Davis
> thePRIMAXgroup
> http://applehelp.org
This is a follow-up for the archives.
Got the privileges worked out. I did have to change a couple of
things in the section of the repository-dev.xml file listed below.
I am also using phpicalendar to publish these calendars on the web.
So I moved the "shared" calendars location to the shared folder
inside the users folder. Also had to change the authenticated
privilege from "read" to "all" to allow all users to publish to this
folder. Now <url>/phpicalendar?cpath=shared works as well as <url>/
phpicalendar?cpath=<username>
Still not sure if there is a more graceful way to stop and start or
reload the repository-dev.xml file. The only way I know to quit or
reload is to exit the shell. Then open a new shell and execute the ./
run command.
Now I will get back to working with Chandler on multiple users
writing to the shared calendars.
Thanks and Have A Great Day
Rick Davis
thePRIMAXgroup
http://applehelp.org
------------
<collection name="users" tag="shared"> --changed this line to move
the shared folder inside the "users" folder
<properties>
<acl>
<ace>
<principal><unauthenticated/></principal>
<grant><privilege><read/></privilege></grant>
<protected/>
<inheritable/>
</ace>
<ace>
<principal><authenticated/></principal>
<grant><privilege><all/></privilege></grant> --
changed this line from "read" to "all"
<protected/>
<inheritable/>
</ace>
</acl>
</properties>
<members/>
</collection>
More information about the calendarserver-users
mailing list