[CalendarServer-users] Calendar Sharing - ACLs?

Cyrus Daboo cdaboo at apple.com
Thu Jan 10 07:00:22 PST 2008

Hi Stephen,

--On January 10, 2008 9:36:12 AM -0500 Stephen Bowman <sbbowman at gmail.com> 

> So, I've installed mulberry, and attempt to edit access controls and I'm
> getting:
> 2008-01-10 09:02:01-0500 [-] [caldav-8181]  [AMP,client] PROPFIND
> /principals/users/user01

Not sure exactly what you were trying to edit there, but it looks like you 
were trying to edit ACLs on a principal resource, whereas what you really 
need to do is edit ACLs directly on the calendar you want to share. But 
note comments below...

> 1) Are ACLs the way to solve my problem?  Or is there an easier way to
> support sharing?  Would like to use delegation, but as I understand it,
> that
> can only be done by setting up an OD server, etc etc.

Delegation is the best way to do this. At present that is most easily setup 
using iCal and does require iCal bound to OD.

> 2) If ACLs are the way, what could be the problem above?  File permissions
> don't seem to be the problem, as everything is caldavd:caldavd and the
> server is started up by user caldavd.

If you really want to use ACLs, then set the ACLs on 
/calendars/users/user02/calendar to give /principals/__uids__/XXX (whatever 
the principalURL is for user01) read access.

(2) can be done using Mulberry but you do need to find the __uids__ URL for 
user01 - that can be done by using Safari to navigate to 
/principals/users/user01/ and looking at the resulting page.

In my spare time I have been working on a little command line tool that 
will allow browsing of a WebDAV/CalDAV hierarchy, plus some direct 
manipulation of ACLs and delegates. This tool would allow you to easily set 
ACLs and delegates from the command line without the need to be bound to OD 
etc. I am hoping to push this tool out to the open source site soon. I'll 
post to this list once that happens.

Cyrus Daboo

More information about the calendarserver-users mailing list