[CalendarServer-users] Client library and admin tool
cdaboo at apple.com
Fri Apr 4 07:58:02 PDT 2008
--On April 4, 2008 7:22:09 AM -0700 Scott Buchanan <dscottbuch at mac.com>
> Any idea why the ACL doesn't change and why the error (Ignoring error)?
> Also, is there any way with runshell.py to increase the reporting?
The logging command in the shell will turn on protocol tracing (basically
it will print every http request/response.)
I think what is happening in your case is that you are running into a
restriction on what you can change in an ACL. By default the server
provisions each user and group to have DAV:all inheritable access to their
on calendar home, and that DAV:ace element is protected. As a result, you
cannot add a DAV:ace that possibly conflicts with that by overriding a
I think what you need to do is something like this:
1) Create a group (enabled for calendaring) for the calendar data and make
those users who should be able to create/delete calendars members of that
2) Create another group (not enabled for calendaring) and add users who
should have read/write access to the event data, but not create/delete
3) For each calendar created in the main group, change the ACL on the
calendar collection to give the non-calendar group DAV:read and DAV:write
Ultimately it would probably be handy if you could set the read/write
access for the non-calendar group on the calendar home and have that be
inheritable so that you don't have to set it up on each new calendar.
Whilst our server does support an option to make a DAV:ace inheritable,
there is no way to control that via the ACL method.
More information about the calendarserver-users