community.egroupware.org: Community wiki

  
Community wiki
ACL

ACL - Access Control Lists

The ACLs allow you to grant other people access to your data on a per user or per group basis.

The principle of the ACL is to grant access, that means:
  • you can say: user x or group y is allowed to read and/or modify my data
  • the admin can say: all members of group x allow each other or another group or user to access their data
  • access can be granted for the following levels (and each mixture of them):
    • read - read non-private (!) data
    • edit - change data
    • add - add new entries
    • delete - delete data
    • private - access data marked as private (can not be granted on group-level))
It should be noted that not all eGroupWare applications have ACL and/or all of the above levels implemented.

Where to set these grants/the ACL:
  1. on a per user basis, each user can do it in his preferences for each application: Grant access
  2. on a per group basis, an admin can set it in admin / group-manager (Group accounts) by clicking on the blue squares besides an application if implemented.

Good ACL practices for admins

  • create groups by function and assign people to them.
  • have one group with all users.
  • assign ACLs only on group level.

Examples

  • Set up a group so that they can read or view each others calendar:
This can be achieved most easily with group-ACLs. That way it works not only for users who are in that group at the moment but also for users added later and it is automaticaly removed if the user is removed from that group. Go to Admin / Group accounts and edit the concerned group. In the edit view, click on the blue square in the ACL column beside the calendar app. This will open another window with the ACL for that group and the calendar app. Now you select read-access for the group itself.

  • Allow a secretary to "manage" my calendar:
Manage means a nominated user has to be able to add appointments in my calendar and confirm them on my behalf. You have to grant the secretary read, edit and add access to your calendar. Go to your preferences and start Calendar / Grant access. Check read, edit and add for the secretary user. The secretary can then select your calendar in any view and add appointsments to it.



User manual
You are here