Hello Christian,
Could you please let me know how can I reproduce/test unauthenticated
access for free/busy status?
Thanks,
Igor
Igor Vitorac wrote, On 13/11/2012 19:28:
Hello Christian,
If you configure:
defaults write sogod SOGoCalendarDefaultRoles
'(PublicDAndTViewer,ConfidentialDAndTViewer,PrivateDAndTViewer)'
Then, if you go to the ACL config of any user's calendar, you will
ONLY see Any authenticated user entry!
If you have additional (hidden) access Unauthenticated user, and it
is not displayed then that is a bug!
I would not consider this as enhancement, but a big security issue.
Christian, could you please let me know exact steps to reproduce
unauthenticated access for free/busy status?
Thanks,
Igor
Christian Mack wrote, On 13/11/2012 19:10:
Hello Milos Wimmer
On 2012-11-13 16:07, Milos Wimmer wrote:
is here any way how could I set default access policy for
unauthenticated (anonymous) users?
It looks SOGo uses the same SOGoCalendarDefaultRoles for both
authenticated and unauthenticated users.
That is correct. There is no setting specifically for anonymous access.
I would like to use:
SOGoCalendarDefaultRoles=PublicDAndTViewer for Any Authenticated
User
and
SOGoCalendarDefaultRoles=None for Public Access.
Maybe some new SOGoCalendarPublicDefaultRoles parameter could be used
for this...
It would be very useful considering different access policy for
authenticated and all unauthenticated users respects privacy of our
users.
Then open an enhancement request for this at
http://www.sogo.nu/bugs
Kind regards,
Christian Mack
--
users@sogo.nu
https://inverse.ca/sogo/lists
