[Kolab-devel] freebusy CVS observation + questions

Mike Gabriel m.gabriel at das-netzwerkteam.de
Thu Feb 21 23:16:20 CET 2008


hi gunnar,

On Donnerstag 21 Februar 2008, Mike Gabriel wrote:
> hi martin,
>
> On Donnerstag 21 Februar 2008, Martin Konold wrote:
> > Am Donnerstag, 21. Februar 2008 schrieb Mike Gabriel:
> >
> > Hi,
> >
> > > it does not seem possible to ACL-share cyrus folders if two people
> > > belong to two different virtual kolab domains. example:
> > >
> > >   m.gabriel at sunweavers.net
> > >
> > > cannot access shares of
> > >
> > >   m.gabriel at moonweavers.net
> > >
> > > at least not in horde, the ACLs are simply dropped when i set them. i
> > > haven't checked other kolab clients, but if this is intended, we are
> > > pretty fine with the above issue!!!
> >
> > Currently cyrus imapd does not allow for cross domain ACLs.
>
> this is great news (well, for some it probably is not..., but for this case
> it is).
>
> @gunnar: if you do not mind, i will write a patch for triggerFreeBusyUpdate
> that takes advantage of this fact?
>
> the plan is:
>
>   o get the authenticated user, find out his/her mail domain
>   o append this mail domain to "someone" for any folder that looks like
>     user/someone/somefolder
>   o then perform a http request to
>    
> https:/my.mailserver.here/freebusy/trigger/someone at domain/somefolder.xpfb
>
> mike


here is my private solution to the issue (patched against horde-3.2rc1 as in 
horde-webmail-1.1rc1):

<snip>
--- 
a/lib/Horde/Kolab.php       2007-11-29 12:32:52.000000000 +0000
+++ b/lib/Horde/Kolab.php       2008-02-21 22:09:11.000000000 +0000
@@ -758,9 +758,13 @@
     function triggerFreeBusyUpdate($share_uid)
     {
         global $conf;

         $folder_path = rawurldecode($share_uid);

+        // cyrus does not support cross domain ACLs
+        // any user folder we have access to will be in our own domain/realm
+        $thisuser_auth = Auth::getAuth();
+        $thisuser_realm = substr($thisuser_auth, strpos($thisuser_auth, '@')    
+1, strlen($thisuser_auth));
+
         // IMAP path is either /INBOX/<path>@domain or
         // /user/someone/<path>@domain strip domain
         $end = strrpos($folder_path, '@');
@@ -781,7 +785,10 @@
         if (strncmp($folder_path, '/INBOX/', 7) == 0) {
             $folder = Auth::getAuth() . '/' . 
rawurlencode(substr($folder_path, $second_slash + 1));
         } else {
-            $folder = rawurlencode(substr($folder, $second_slash + 1));
+            $folder_path_arr = explode("/", $folder_path);
+            $otheruser_auth = $folder_path_arr[2].'@'.$thisuser_realm;
+            $third_slash = strpos($folder_path, $folder_path_arr[3]);
+            $folder = $otheruser_auth.'/'.substr($folder_path, $third_slash);
         }
         $url = 'https://' . Kolab::getServer("imap") .
             '/freebusy/trigger/' . $folder . '.xpfb';

</snip>

also attached...

mike



-- 

+++ das-netzwerkteam.de +++

mike gabriel, hamburger chaussee 240, 24113 kiel
fon: +49 431 64-74-196
fax: +49 431 64-74-276
voip/voicemail: +49 431 643 643 6
mail: m.gabriel at das-netzwerkteam.de
www: http://das-netzwerkteam.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: triggerFBUpdate.patch
Type: text/x-diff
Size: 1030 bytes
Desc: not available
URL: <http://lists.kolab.org/pipermail/devel/attachments/20080221/94ab22ce/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.kolab.org/pipermail/devel/attachments/20080221/94ab22ce/attachment.sig>


More information about the devel mailing list