[CalendarServer-users] Adding principals

Fri Sep 8 22:05:34 PDT 2006

On Sep 5, 2006, at 10:08 PM, Rick Davis wrote:

> On Sep 5, 2006, at 10:25 AM, Cyrus Daboo wrote:
>
>> As described on the wiki page, each user should be given <DAV:all>  
>> privileges to their own calendar home collection. So it should be  
>> possible to do anything in that collection once authenticated.
>
>
> Can you give me an example of a user set up with all privileges to  
> his calendar collection, all privileges to a shared calendar folder  
> and read only or no access to other users calendars. I was able to  
> get all users the ability to publish calendars, but unfortunately  
> they were allowed to publish to any users folder.  Not just their  
> own.  So far all changes I have tried result in all or nothing.
>
> I'm hoping to set this up for a school in the next week or two with  
> about forty teachers (and possibly for the 900+ students). Before  
> they run out and buy Now-Up-To-Date.
>
> I wrote a small app a couple of summers ago to create an XML file  
> for importing users into OS X server using fields from a tab- 
> delimited file of users first and last name.  It generates the  
> shortname and password according to selections made and then writes  
> the xml file. I was able to modify it last night to generate a  
> properly formatted repository-dev.xml.  If I can get the privileges  
> worked out I should be able to generate the repository-dev.xml for  
> 100+ users in just a few minutes.
>
> Also, is there a graceful way to quit iCalServer or reload the  
> repository-dev.xml file? Right now when I want to make changes I  
> terminate the shell.  Delete the previous principals, users and  
> calendars then ./run again.
>
> Thanks and Have A Great Day.
>
> Rick Davis
> thePRIMAXgroup
> http://applehelp.org

This is a follow-up for the archives.

Got the privileges worked out.  I did have to change a couple of  
things in the section of the repository-dev.xml file listed below.

I am also using phpicalendar to publish these calendars on the web.   
So I moved the "shared" calendars location to the shared folder  
inside the users folder.  Also had to change the authenticated  
privilege from "read" to "all" to allow all users to publish to this  
folder. Now <url>/phpicalendar?cpath=shared works as well as <url>/ 
phpicalendar?cpath=<username>

Still not sure if there is a more graceful way to stop and start or  
reload the repository-dev.xml file.  The only way I know to quit or  
reload is to exit the shell.  Then open a new shell and execute the ./ 
run command.

Now I will get back to working with Chandler on multiple users  
writing to the shared calendars.

Thanks and Have A Great Day

Rick Davis
thePRIMAXgroup
http://applehelp.org

------------
  <collection name="users" tag="shared"> --changed this line to move  
the shared folder inside the "users" folder
               <properties>
                 <acl>
                   <ace>
                     <principal><unauthenticated/></principal>
                     <grant><privilege><read/></privilege></grant>
                     <protected/>
                     <inheritable/>
                   </ace>
                   <ace>
                     <principal><authenticated/></principal>
                     <grant><privilege><all/></privilege></grant>  -- 
changed this line from "read" to "all"
                     <protected/>
                     <inheritable/>
                   </ace>
                 </acl>
               </properties>
               <members/>
             </collection>