[Kolab-devel] [issue1246] Permission handling in the webadmin frontend

Gunnar Wrobel kolab-issues at intevation.de
Wed May 17 16:27:39 CEST 2006


New submission from Gunnar Wrobel <wrobel at pardus.de>:

The permissions provided by the webadmin frontend seems to disagree with some of
the permissions as defined by the LDAP acls.

 - webadmin allows access to the global address book for domain maintainers
(issue 1188)
 - webadmin does not allow domain maintainers to modify their password
 - webadmin does not allow maintainers to create domain maintainers
 - webadmin does not signal write protection on the (domain) maintainer dialog
for firstname, lastname, uid

I tried to use the permissions given by LDAP as reference point and hope that I
understood the security concept behind it. 

I'll attach the suggested patches.

----------
assignedto: steffen
messages: 7425
nosy: steffen, wrobel
priority: bug
status: unread
title: Permission handling in the webadmin frontend
________________________________________________
Kolab issue tracker <kolab-issues at intevation.de>
<https://intevation.de/roundup/kolab/issue1246>
________________________________________________




More information about the devel mailing list