How Do Relationships Work

From Davical
Revision as of 22:19, 19 March 2010 by Karora (talk) (Out of Date)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Out of Date

From 0.9.8 a new Permissions model was introduced and all information on this page does not apply to newer DAViCal versions.

Old Documentation

This is all much to complicated, and it doesn't map nicely to the DAV permissions model. For this reason we are planning a new Permissions Redesign which should address the complexities and inconsistencies explained here, replacing them with an entirely new set of complexities and inconsistencies. Hopefully that set will be smaller!

Standard Relationship Types

The standard relationship types are:

Name Rights
Administers A
Can see free/busy time of F
Is a member of group R
is Assistant to RW

A Group vs. a User

A Group, in the sense of this page, is a user with the User Role of 'Group'. A group should not have a calendar - if it does it will only be visible via type 'A' relationships.

A relationship between two users

The most important column here is the 'Rights' one. In the simplest case you have a relationship between two users, and the 'Rights' controls the amount of access the 'from' person has to the 'to' person's calendar.

Rights Values

The values of the rights mean:

Right Meaning
A All access
W Write
R Read
F View Free/Busy

How Different Relationships Work

When the relationship is to a normal user

When the target of the relationship does not have the 'Group' role set, the target itself may have calendars which are accessible to all of the linked users in the way that the link defines.

For example:

A =R> U
B =A> U
C =F> U

will mean that user 'A' can see the calendar of 'U' (but not modify it), user 'B' can do anything to the calendar of 'U', and user 'C' can only see free/busy information from the calendar of user 'U'.

If this is what you want, make sure that you *don't* make user 'U' a 'Group.

When the relationship is to a "group"

If the relationship is to a group, then the effects vary depending on whether that group has any further relationships.

If there are no further relationships

In this case the group is a shorthand for a relationship from each member to each other member:

A => G  \ 
B => G ---   where     G => nothing
C => G  /

is equivalent to:

A => B
B => A
A => C
C => A
B => C
C => B

If the group has relationships from it

In this case the group is a shorthand for adding each of those outgoing relationships to the people who are related to the group:

A => G  \              G => E
B => G ---   where     G => F
C => G  /

is equivalent to:

A => E   and   A => F
B => E   and   B => F
C => E   and   C => F

Seeing the Expansion of Permissions

Here is an SQL fragment which you can use to expand the permissions:

SELECT usr.user_no AS "From",
       get_permissions(usr.user_no,tgt.user_no) AS "Rights",
       tgt.user_no AS "To"
   FROM usr, usr tgt
  WHERE get_permissions(usr.user_no,tgt.user_no) != '';

Note that this is a cartesian join, so if you have many thousands of users it may take a wee while (order n squared).