[Kolab-devel] Kolab-Webadmin group memberships
Jeroen van Meeuwen (Kolab Systems)
vanmeeuwen at kolabsys.com
Tue Feb 11 15:45:54 CET 2014
On 2014-02-11 14:20, Henning wrote:
> Hi,
>
> kolab-webadmin is quite flexible concerning the design of your special
> environment. However for users I'm missing a "user.groups" section to
> easily identify the groups a user is member of. The section could be
> read-only, but it would make things easier to handle.
> For this I think one could have a look at the code somewhere in the
> roundcubemail addressbook.
>
> I tried to figure out what to do, but I'm bad at php, so maybe one of
> you could spend some time on this.
>
You're right, this would be a nice enhancement.
Just like we have "Role(s)" already there, we should also have
"Group(s)".
It's a little tricky for roles are actually attached to the user object
entry itself, and therefore almost "free" to pull in performance-wise.
Groups however work the other way around, and what is even worse is that
dynamic groups would be omitted unless each of its searches is executed
in an attempt to find whether or not the user is a member of such
dynamic group (see groupofurls).
That said, this could be amended by enabling the memberOf plugin, though
I'm not sure that would work for dynamic groups equally well as it does
for static groups.
We expose an API call to find groups a certain user is a member of here:
http://git.kolab.org/pear/Net_LDAP3/tree/lib/Net/LDAP3.php#n906
but note it does only direct membership of static groups, and not a
scenario like the following (for a user uid=doe):
dn: cn=mail-users,ou=Groups,dc=example,dc=org
objectclass: groupofuniquenames
uniquemember: cn=kolab-users,ou=Groups,dc=example,dc=org
dn: cn=kolab-users,ou=Groups,dc=example,dc=org
objectclass: groupofuniquenames
uniquemember: uid=doe,ou=People,dc=example,dc=org
only the kolab-users group would be returned. One could probably loop,
but watch out for infinite nesting.
Kind regards,
Jeroen van Meeuwen
--
Systems Architect, Kolab Systems AG
e: vanmeeuwen at kolabsys.com
m: +44 74 2516 3817
w: http://www.kolabsys.com
pgp: 9342 BF08
More information about the devel
mailing list