Re: Checking ACL in dbmail/PostgreSQL
Hi Aron:
I have today zero-base created with DBMA, #User/xxx and #Public/xxx folders
and subscribed to them using Thunderbird for both MySQL and PostgreSQL.
Using dbmail 2.0.4. and DBMA 2.3.5 I have access in Thunderbird to all the
#User/folders created either on pgsql or mysql servers. The pgsql server was
a little slow responding.
Perhaps a look at your dbmail_acl table would be in order.
You should see something like this for the specified user and mailbox:
user_id=(specified)dbmail_users.user_idnr,
mailbox_id=(specified)dbmail_mailboxes.mailbox_idnr, lookup_flag=1,
read_flag=1, seen_flag=1, write_flag=1, insert_flag=1, post_flag=1,
create_flag=1, delete_flag=0, administer_flag=0
If there is a correct entry in dbmail_acl matching a dbmail_users.user_idnr
and a dbmail_mailboxes.mailbox_idnr matching a mailbox belonging to a
*different* user_idnr, the permitted user should be able to subscribe to the
folder at the level of permissions assigned in the dbmail_acl table.
If there is *not* a correct entry in the database, fix it and *refresh* your
MUA again.
For some reason on the pgsql server I had to refresh a couple of times
before Thunderbird fetched the full list. (??) I don't yet know why that
would be. With MySQL, changes are visible for each refresh. I will test a
little more.
best,
Mike
Hi!
That's right, as I wrote 2 letters before I did the exactly the same as
in the documentation described, so I did the same as you wrote. And then
happend nothing! There was no new shared folder visible for subscription
in thunderbird...
Aron
M. J. [Mike] O'Brien wrote:
Ok. Same thing... you must also assign Access Rights to individual
users or allow SETACL to a privileged user who can then manage ACLs
from their ACL-friendly MUA.
Share folder from DBMA User Account Window ..
Then go to Main screen and Select ACL....
Select the folder you just shared...
Type the user_idnr of the user you want to have access to that folder.
Select radio button "new user" and press "Commit".
Alternatively read help para below... for a different approach.
Help is at: http://localhost/dbmailadministrator/DBMA_help.htm#acl
or:
http://library.mobrien.com/dbmailadministrator/DBMA_ACLs.htm
...from
Using ACLs and Shared Folders
a.. Sharing a Users' Folders This is normally done with an
ACL-friendly MUA but DBMA can help you create much of what the user
can do from their MUA if it is easier to do it for them than explain
how; or in the event that your user has made a mistake and you are on
a repair mission. In the drop-down display of available ACL-eligible
folders in the User Account Window you will see all of the "#Public"
folders plus all of the users folders. They are all eligible for
sharing. Example for User Account Window for: Bob
#Public/common
bob/INBOX
bob/Trash
bob/Sent
bob/shared
a.. If you select and add a set of Access Rights to "bob/shared", it
will be available across the system under #Users but no one will be
able to share it unless you assign Access Rights to additional users;
or allow bob SETACL (Admin) rights for that folder and he can do it
all for you.
a.. You manage individual user rights from the User Account Window and
manage #Public and #User rights from the global Access Control List
Tools (select ACL on the Main Screen). Assigning rights to
#Users/folder can be done with the DBMA Access Control List Tools
after the #User/folder has been shared from the User Account Window.
The first step is to go to the User Account Window, create the shared
folder by assigning the owner full Access Rights. Next you return to
the DBMA ACL Tools and select the new shared #User/folder you created
and one after another add the users need ing acces rights on this folder.
