[Phamm] phamm interface with openldap issue discussion.

Alessandro De Zorzi lota a klez.it
Lun 5 Dic 2005 09:47:28 CET


Ethan Chai wrote:

> i think almost all of the phamm interface user does suffer with the
> interface issue because of the openldap acl setting.

right!

> Would it be more wise and easier if the phamm use flag at the
> application level to restrict the user instead of using the openldap acl. 

right, this would be easy, I use similar approach with DB application...
but with web interface (only)
restriction could be not safe...

> Well, from what i get when reading the openldap list and googling, it
> seem like lots of user suffer with acl setting with openldap toos.
> Sometimes the acl setting command also change from version to version.
> So,it seem that restict user permission with php is better than using
> acl.:)

all right, anyway minimal ACL setting must be used... see "Re: [Phamm]
ACL problem?"
but if LDAP server have another PHP access (like phpldapadmin) could be
no safe use not restricted ACL

I am looking for a PHP code to do a "ACL parsing"... after this cache
the info and generate the form interface
in dynamic way, phpldapadmin do the same with .schema files... but ACL
structure is very difficult to parser...

in phamm05 a easy solution could be defined in .xml plugin file witch
attributes can be editing role by role,
please see DTD file in phamm05 source and some .xml files in plugins
directory

your suggestions are interesting

thanks
Alessandro



Maggiori informazioni sulla lista Phamm