[Cosmo-dev] Sharing format questions
mimi at osafoundation.org
Tue Jul 25 14:13:59 PDT 2006
On Jul 25, 2006, at 2:02 PM, Bobby Rullo wrote:
> What if I have a specific tagged resource that I want to protect?
> In other words using your semantics I don't see how it would be
> possible to say "All 'home' collection items are read/write, except
> for XXXX, which should be read-only"
> Not sure if it's an important use case, I'm just sayin'.
Perhaps the source of confusion on this issue has to do with
perspective, basically WHO gives you read-only versus read-write
access determines whether read-write or read-only access wins on a
If the owner of the item grants you read-only access to an item in 1
share and then read-write access to the same item in a 2nd share,
read-write access wins.
You cannot grant yourself read-write access on an item by re-sharing
that item in a different collection or adding it to a collection you
have read-write access to.
>> - A Principal which has Read-only permission to an item may not
>> alter it in any way (including tagging/untagging); this solves the
>> problem of someone getting a hold of an item Read-only and then
>> moving to a collection they have Read-write access to and suddenly
>> being able to modify that item.
> I think users should be able to modify read-only items somehow, so
> that changes appear only on their local machine and on their
> account (Scooby needs to see this stuff too)
In total agreement. The fanciest interpretation of this would be the
ability to add annotations to any field on the item, which will
probably be deferred from Beta unfortunately.
> One use case for this is alarms - I subscribe to a read-only
> schedule, and I want to set an alarm to remind me to go to a
> particular event. I can't though, cuz it's read-only. iCal actually
> has this problem, and it's annoyed me several times in the past.
There are attributes users can decide not to share, this works today
> Also, people should be able to somehow move read-only stuff into
> other collections - I should be able to copy stuff from an Office
> Address-book into my own address-book for instance. Maybe this
> means that the item is copied instead of moved, giving it a new
> UID, with some meta-data that points to the original object.
Yes, this works today too.
>> - A Principal which has Read-write permission to an item may
>> modify or delete it; they may also tag or untag the item using any
>> Tag that the Principal has Read-write access to. Therefore if a
>> Principal only has Read-only access to a Tag, they may not
>> associate that Tag with any items even if they have Read-write
>> access to those items. In other words, just because I have write
>> access to an Item doesn't mean I can add it to any Tag I want -- I
>> must have been granted Read-write permission for that Tag also.
> Right, you shouldn't be able to pollute other people's collections.
>> There are some details to work out, for sure. Such as:
>> - Who can modify the ACL of a Tag? Any Principal which has a Read-
>> write ACE in that ACL?
>> - Should Tags be hierarchical?
> Would be nice. I would hate to give up the hierarchies I have in iCal.
Depends on what you mean by hierarchy. We should preserve
relationships between tags (e.g. All items tagged as Errands should
also be tagged as Home). But we shouldn't say that Errands can only
live inside of Home. All items tagged as Errands could also be tagged
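
The permission rules discussed in this thread, as an added example that is not part of the original message or of Cosmo's code: the highest owner-issued grant wins, a re-share cannot raise access, and tagging needs Read-write on both the item and the Tag. Principal, item and tag names are constructed, and the cap on re-shares (a re-share conveys no more than the re-sharer received from the owner) is an assumed reading of "you cannot grant yourself read-write access by re-sharing".

```python
from enum import IntEnum
from typing import NamedTuple

class Access(IntEnum):
    NONE = 0
    READ_ONLY = 1
    READ_WRITE = 2

class Grant(NamedTuple):
    grantor: str    # principal who created the share
    principal: str  # principal who receives access
    item: str
    level: Access

class SharingModel:
    def __init__(self, owners, grants, tag_acl):
        self.owners = owners    # item -> owning principal
        self.grants = grants    # one Grant per share the item appears in
        self.tag_acl = tag_acl  # tag -> {principal: Access}

    def _owner_level(self, principal, item):
        # Access received straight from the item's owner; the highest grant wins.
        if self.owners[item] == principal:
            return Access.READ_WRITE
        return max((g.level for g in self.grants if g.item == item
                    and g.principal == principal and g.grantor == self.owners[item]),
                   default=Access.NONE)

    def item_access(self, principal, item):
        best = self._owner_level(principal, item)
        for g in self.grants:
            if g.item == item and g.principal == principal and g.grantor != self.owners[item]:
                # Assumed rule: a re-share conveys no more than the re-sharer holds.
                best = max(best, min(g.level, self._owner_level(g.grantor, item)))
        return best

    def can_modify(self, principal, item):
        return self.item_access(principal, item) == Access.READ_WRITE

    def can_tag(self, principal, item, tag):
        # Tagging or untagging needs Read-write on the item AND on the Tag.
        tag_level = self.tag_acl.get(tag, {}).get(principal, Access.NONE)
        return self.can_modify(principal, item) and tag_level == Access.READ_WRITE

# Constructed sample data: alice owns both items; bob re-shares one to himself.
OWNERS = {"dentist-appt": "alice", "staff-meeting": "alice"}
GRANTS = [Grant("alice", "bob", "dentist-appt", Access.READ_ONLY),
          Grant("alice", "bob", "dentist-appt", Access.READ_WRITE),
          Grant("alice", "bob", "staff-meeting", Access.READ_ONLY),
          Grant("bob", "bob", "staff-meeting", Access.READ_WRITE)]
TAG_ACL = {"home": {"bob": Access.READ_ONLY}, "errands": {"bob": Access.READ_WRITE}}
MODEL = SharingModel(OWNERS, GRANTS, TAG_ACL)
```

With this data bob ends up Read-write on `dentist-appt` (two owner grants, the higher one wins) and stays Read-only on `staff-meeting` despite his own Read-write re-share.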