Mimi Yin wrote:
Aparna and Andre have been investigating a bug where Andre gained
read-write access to a Chandler item he received via email by adding
it to a second shared collection he has read-write access to.
As a result, Aparna and I were seeing Andre's non-emailed edits on the
item and vice versa, even though we never set up a formal sharing
relationship by exchanging read-write ticket URLs for a commonly
shared collection.
Randy, Morgen, could you give us on the design list an update on where
you are wrt this issue (or point us to the latest dev-list write-up)?
Ah yes my favorite topic. I've started a page with some notes:
http://chandlerproject.org/Journal/CosmoAccessControlNotes
There hasn't been much discussion on the cosmo-dev list so far (probably
because people go crazy after reading the notes). Morgen and I talked
about ideas today (I've updated the notes page with thoughts at the
bottom) and both of us are leaning towards storing copies of items on
the server (one item per account) rather than a single item (the way it
is now). This is actually going back to the way the server *used* to
work. The only problem with this is that it presents some problems
with the web ui when an item in multiple collections is updated (mainly
that the webui doesn't support this and will only update a single
collection).
Also, the client bug for this is:
https://bugzilla.osafoundation.org/show_bug.cgi?id=11013
I don't think there is a server bug opened yet.
-Randy
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Open Source Applications Foundation "Design" mailing list
http://lists.osafoundation.org/mailman/listinfo/design
