[Davical-general] How do I avoid a user to access to list of users and user's data ?

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Davical-general] How do I avoid a user to access to list of users and user's data ?

pcouderc
I have created a user in Davical, but she has acces to the list of other
users.
Is it possible to forbid that access ?

Thanks
Pierre Couderc


------------------------------------------------------------------------------
_______________________________________________
Davical-general mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/davical-general
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: How do I avoid a user to access to list of users and user's data ?

Florian Schlichting-2
Hi Pierre,

> I have created a user in Davical, but she has acces to the list of other
> users.
> Is it possible to forbid that access ?

I don't know of any way to do that while still keeping admin.php
available to users. This is part of issue #59
(https://gitlab.com/davical-project/davical/issues/59) and it would be
interesting to know more about how exactly you would want this feature
to work in your setup - once people start collaborating they often want
to give (read-only) access to their work calendar to (some) other
people, and if finding and entering these other people is made easy, it
is also easy to discover who the other users on the server are...

Perhaps you could add your requirements to the above mentioned issue?

Florian

------------------------------------------------------------------------------
_______________________________________________
Davical-general mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/davical-general
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: How do I avoid a user to access to list of users and user's data ?

Florian Schlichting-2
On Mon, Jan 04, 2016 at 11:59:31AM +0100, Pierre Couderc wrote:
> Thank you, I have done it.
> Is there a simple solution (or small patch) to forbid any user to connect to
> admin.php except, except admin..?

well, you could use .htaccess or similar webserver mechanism to restrict
access to index.php / admin.php to a particular IP address range. But of
course that's a clumsy solution...

Florian



------------------------------------------------------------------------------
_______________________________________________
Davical-general mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/davical-general
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: How do I avoid a user to access to list of users and user's data ?

pcouderc
Sure...

On 01/04/2016 03:16 PM, Florian Schlichting wrote:

> On Mon, Jan 04, 2016 at 11:59:31AM +0100, Pierre Couderc wrote:
>> Thank you, I have done it.
>> Is there a simple solution (or small patch) to forbid any user to connect to
>> admin.php except, except admin..?
> well, you could use .htaccess or similar webserver mechanism to restrict
> access to index.php / admin.php to a particular IP address range. But of
> course that's a clumsy solution...
>
> Florian
>
>


------------------------------------------------------------------------------
_______________________________________________
Davical-general mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/davical-general
Loading...