1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<!--Converted with jLaTeX2HTML 2002 (1.62) JA patch-1.4
patched version by: Kenshi Muto, Debian Project.
LaTeX2HTML 2002 (1.62),
original version by: Nikos Drakos, CBLU, University of Leeds
* revised and updated by: Marcus Hennecke, Ross Moore, Herb Swan
* with significant contributions from:
Jens Lippmann, Marek Rouchal, Martin Wilck and others -->
<HTML>
<HEAD>
<TITLE>16. Shared documents</TITLE>
<META NAME="description" CONTENT="16. Shared documents">
<META NAME="keywords" CONTENT="sympa">
<META NAME="resource-type" CONTENT="document">
<META NAME="distribution" CONTENT="global">
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="jLaTeX2HTML v2002 JA patch-1.4">
<META HTTP-EQUIV="Content-Style-Type" CONTENT="text/css">
<LINK REL="STYLESHEET" HREF="sympa.css">
<LINK REL="next" HREF="node18.html">
<LINK REL="previous" HREF="node16.html">
<LINK REL="up" HREF="sympa.html">
<LINK REL="next" HREF="node18.html">
</HEAD>
<BODY TEXT="#000000" BGCOLOR="#ffffff">
<!--Navigation Panel-->
<A NAME="tex2html1128"
HREF="node18.html">
<IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A>
<A NAME="tex2html1122"
HREF="sympa.html">
<IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A>
<A NAME="tex2html1116"
HREF="node16.html">
<IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A>
<A NAME="tex2html1124"
HREF="node1.html">
<IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents" SRC="contents.png"></A>
<A NAME="tex2html1126"
HREF="node23.html">
<IMG WIDTH="43" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="index" SRC="index.png"></A>
<BR>
<B> Next:</B> <A NAME="tex2html1129"
HREF="node18.html">17. Bounce management</A>
<B> Up:</B> <A NAME="tex2html1123"
HREF="sympa.html">Sympa Mailing Lists Management Software version</A>
<B> Previous:</B> <A NAME="tex2html1117"
HREF="node16.html">15. List configuration parameters</A>
  <B> <A NAME="tex2html1125"
HREF="node1.html">Contents</A></B>
  <B> <A NAME="tex2html1127"
HREF="node23.html">Index</A></B>
<BR>
<BR>
<!--End of Navigation Panel-->
<!--Table of Child-Links-->
<A NAME="CHILD_LINKS"><STRONG>Subsections</STRONG></A>
<UL>
<LI><A NAME="tex2html1130"
HREF="node17.html#SECTION001710000000000000000">16.1 The three kind of operations on a document</A>
<LI><A NAME="tex2html1131"
HREF="node17.html#SECTION001720000000000000000">16.2 The description file</A>
<UL>
<LI><A NAME="tex2html1132"
HREF="node17.html#SECTION001721000000000000000">16.2.1 Structure of description files</A>
</UL>
<BR>
<LI><A NAME="tex2html1133"
HREF="node17.html#SECTION001730000000000000000">16.3 The predefined authorization scenarios</A>
<UL>
<LI><A NAME="tex2html1134"
HREF="node17.html#SECTION001731000000000000000">16.3.1 The public scenario</A>
<LI><A NAME="tex2html1135"
HREF="node17.html#SECTION001732000000000000000">16.3.2 The private scenario</A>
<LI><A NAME="tex2html1136"
HREF="node17.html#SECTION001733000000000000000">16.3.3 The scenario owner</A>
</UL>
<BR>
<LI><A NAME="tex2html1137"
HREF="node17.html#SECTION001740000000000000000">16.4 Access control</A>
<UL>
<LI><A NAME="tex2html1138"
HREF="node17.html#SECTION001741000000000000000">16.4.1 Listmaster and privileged owners</A>
<LI><A NAME="tex2html1139"
HREF="node17.html#SECTION001742000000000000000">16.4.2 Special case of the <TT>shared</TT> directory</A>
<LI><A NAME="tex2html1140"
HREF="node17.html#SECTION001743000000000000000">16.4.3 General case</A>
</UL>
<BR>
<LI><A NAME="tex2html1141"
HREF="node17.html#SECTION001750000000000000000">16.5 Shared document actions</A>
<LI><A NAME="tex2html1142"
HREF="node17.html#SECTION001760000000000000000">16.6 Template files</A>
<UL>
<LI><A NAME="tex2html1143"
HREF="node17.html#SECTION001761000000000000000">16.6.1 d_read.tpl</A>
<LI><A NAME="tex2html1144"
HREF="node17.html#SECTION001762000000000000000">16.6.2 d_editfile.tpl</A>
<LI><A NAME="tex2html1145"
HREF="node17.html#SECTION001763000000000000000">16.6.3 d_control.tpl</A>
</UL></UL>
<!--End of Table of Child-Links-->
<HR>
<H1><A NAME="SECTION001700000000000000000"></A>
<A NAME="shared"></A> <A NAME="3345"></A>
<BR>
16. Shared documents
</H1>
<P>
Shared documents are documents that different users can manipulate
on-line via the web interface of <I>Sympa</I>, provided that the are authorized
to do so. A shared space is associated with a list, and users of the list
can upload, download, delete, etc, documents in the shared space.
<P>
<A NAME="8120"></A><I>WWSympa</I> shared web features are fairly rudimentary. It is not our aim to provide
a sophisticated tool for web publishing, such as are provided by products
like <I>Rearsite</I>.
It is nevertheless very useful to be able to define privilege on
web documents in relation to list attributes such as <I>subscribers</I>,
<I>list owners</I>, or <I>list editors</I>.
<P>
All file and directory names are lowercased by Sympa. It is consequently
impossible to create two different documents whose names differ only
in their case. The reason Sympa does this is to allow correct URL links
even when using an HTML document generator (typically Powerpoint) which uses
random case for file names!
<P>
In order to have better control over the documents and to enforce security in
the shared space, each document is linked to a set of specific control information :
its access rights.
<P>
A list's shared documents are stored in the <A NAME="8123"></A><TT>/home/sympa/expl/mylist/shared</TT>
directory.
<P>
This chapter describes how the shared documents are managed,
especially as regards their access rights.
We shall see :
<P>
<UL>
<LI>the kind of operations which can be performed on shared documents
<P>
</LI>
<LI>access rights management
<P>
</LI>
<LI>access rights control specifications
<P>
</LI>
<LI>actions on shared documents
<P>
</LI>
<LI>template files
</LI>
</UL>
<P>
<H1><A NAME="SECTION001710000000000000000"></A>
<A NAME="shared-operations"></A>
<BR>
16.1 The three kind of operations on a document
</H1>
Where shared documents are concerned, there are three kinds of operation which
have the same constraints relating to access control :
<UL>
<LI>The read operation :
<BR>
<UL>
<LI>If applied on a directory, opens it and lists its contents (only those
sub-documents the user is authorized to ``see'').
</LI>
<LI>If applied on a file, downloads it, and in the case of a viewable file (<I>text/plain</I>, <I>text/html</I>,
or image), displays it.
</LI>
</UL>
</LI>
<LI>The edit operation allows :
<BR>
<UL>
<LI>Subdirectory creation
</LI>
<LI>File uploading
</LI>
<LI>Description of a document (title and basic information)
</LI>
<LI>On-line editing of a text file
</LI>
<LI>Document (file or directory) removal. If on a directory, it must be empty.
</LI>
</UL>
These different edit actions are equivalent as regards access rights. Users who are
authorized to edit a directory can create a subdirectory or upload a file to it,
as well as describe or delete it. Users authorized to edit a file can edit
it on-line, describe it, replace or remove it.
</LI>
<LI>The control operation :
<BR>
The control operation is directly linked to the notion of access rights. If we wish
shared documents to be secure, we have to control the access to them. Not everybody
must be authorized to do everything to them. Consequently, each document has
specific access rights for reading and editing. Performing a control action on a document
involves changing its Read/Edit rights.
<BR>
The control operation has more restrictive access rights than the other two operations.
Only the owner of a document, the privileged owner of the list and the listmaster have
control rights on a document. Another possible control action on a document is therefore
specifying who owns it.
</LI>
</UL>
<P>
<H1><A NAME="SECTION001720000000000000000"></A>
<A NAME="shared-desc-file"></A>
<BR>
16.2 The description file
</H1>
The information (title, owner, access rights...) relative to each document must be stored, and so
each shared document is linked to a special file called a description file, whose name includes
the <A NAME="8126"></A><TT>.desc</TT> prefix.
<P>
The description file of a directory having the path <A NAME="8129"></A><TT>mydirectory/mysubdirectory</TT> has the path
<A NAME="8132"></A><TT>mydirectory/mysubdirectory/.desc</TT> .
The description file of a file having the path <A NAME="8135"></A><TT>mydirectory/mysubdirectory/myfile.myextension</TT> has the path
<A NAME="8138"></A><TT>mydirectory/mysubdirectory/.desc.myfile.myextension</TT> .
<P>
<H2><A NAME="SECTION001721000000000000000">
16.2.1 Structure of description files</A>
</H2>
<P>
The structure of a document (file or directory) description file is given below.
You should <I>never</I> have to edit a description file.
<P><PRE>
title
<description of the file in a few words>
creation
email <e-mail of the owner of the document>
date_epoch <date_epoch of the creation of the document>
access
read <access rights for read>
edit <access rights for edit>
</PRE>
<P>
The following example is for a document that subscribers can read, but which only the owner of the document
and the owner of the list can edit.<PRE>
title
module C++ which uses the class List
creation
email foo@some.domain.com
date_epoch 998698638
access
read private
edit owner
</PRE>
<P>
<H1><A NAME="SECTION001730000000000000000"></A>
<A NAME="shared-scenarios"></A>
<BR>
16.3 The predefined authorization scenarios
</H1>
<P>
<H2><A NAME="SECTION001731000000000000000">
16.3.1 The public scenario</A>
</H2>
The <B>public</B> scenario is the most permissive scenario. It enables anyone (including
unknown users) to perform the corresponding action.
<P>
<H2><A NAME="SECTION001732000000000000000">
16.3.2 The private scenario</A>
</H2>
The <B>private</B> scenario is the basic scenario for a shared space. Every subscriber of
the list is authorized to perform the corresponding action. The <B>private</B> scenario is the default
read scenario for <A NAME="8141"></A><TT>shared</TT> when this shared space is created. This can be modified by editing
the list configuration file.
<P>
<H2><A NAME="SECTION001733000000000000000">
16.3.3 The scenario owner</A>
</H2>
The scenario <B>owner</B> is the most restrictive scenario for a shared space.
Only the listmaster, list owners and the owner of the document
(or those of a parent document) are allowed to perform the corresponding action.
The <B>owner</B> scenario is the default scenario for editing.
<P>
<H1><A NAME="SECTION001740000000000000000"></A>
<A NAME="shared-access"></A>
<BR>
16.4 Access control
</H1>
Access control is an important operation performed
every time a document within the shared space is accessed.
<P>
The access control relative to a document in the hierarchy involves an iterative
operation on all its parent directories.
<P>
<H2><A NAME="SECTION001741000000000000000">
16.4.1 Listmaster and privileged owners</A>
</H2>
The listmaster and privileged list owners are special users in the shared
web. They are allowed to perform every action on every document in
the shared space. This privilege enables control over
the shared space to be maintained. It is impossible to prevent the listmaster and
privileged owners from performing whatever action they please on any document
in the shared space.
<P>
<H2><A NAME="SECTION001742000000000000000"></A><A NAME="8144"></A>
<BR>
16.4.2 Special case of the <TT>shared</TT> directory
</H2>
In order to allow access to a root directory to be more restrictive than
that of its subdirectories, the <A NAME="8147"></A><TT>shared</TT> directory (root directory) is
a special case as regards access control.
The access rights for read and edit are those specified in the list configuration file.
Control of the root directory is specific.
Only those users authorized to edit a list's configuration may change access rights on
its <A NAME="8150"></A><TT>shared</TT> directory.
<P>
<H2><A NAME="SECTION001743000000000000000">
16.4.3 General case</A>
</H2>
<A NAME="8153"></A><TT>mydirectory/mysubdirectory/myfile</TT> is an arbitrary document in the shared space,
but not in the <I>root</I> directory. A user <B>X</B> wishes to perform one
of the three operations (read, edit, control) on this document.
The access control will proceed as follows :
<UL>
<LI>Read operation
<BR>
To be authorized to perform a read action on
<A NAME="8156"></A><TT>mydirectory/mysubdirectory/myfile</TT>, <B>X</B> must be
authorized to read every document making up the path; in other words, she
must be allowed to read <A NAME="8159"></A><TT>myfile</TT> (the authorization scenario of the description file
of <A NAME="8162"></A><TT>myfile</TT> must return <I>do_it</I> for user <B>X</B>), and the
same goes for <A NAME="8165"></A><TT>mysubdirectory</TT> and <A NAME="8168"></A><TT>mydirectory</TT>).
<BR>
In addition, given that the owner of a document or one of its parent directories
is allowed to perform <B>all actions on that document</B>,
<A NAME="8171"></A><TT>mydirectory/mysubdirectory/myfile</TT> may also have read operations performed
on it by the owners of <A NAME="8174"></A><TT>myfile</TT>, <A NAME="8177"></A><TT>mysubdirectory</TT>,
and <A NAME="8180"></A><TT>mydirectory</TT>.
<P>
This can be schematized as follows :<PRE>
X can read <a/b/c>
if
(X can read <c>
AND X can read <b>
AND X can read <a>)
OR
(X owner of <c>
OR X owner of <b>
OR X owner of <a>)
</PRE>
<P>
</LI>
<LI>Edit operation
<BR>
The access algorithm for edit is identical to the algorithm for read :<PRE>
X can edit <a/b/c>
if
(X can edit <c>
AND X can edit <b>
AND X can edit <a>)
OR
(X owner of <c>
OR X owner of <b>
OR X owner of <a>)
</PRE>
<P>
</LI>
<LI>Control operation
<BR>
The access control which precedes a control action (change rights
or set the owner of a document) is much more restrictive.
Only the owner of a document or the owners of a parent
document may perform a control action :<PRE>
X can control <a/b/c>
if
(X owner of <c>
OR X owner of <b>
OR X owner of <a>)
</PRE>
<P>
</LI>
</UL>
<P>
<H1><A NAME="SECTION001750000000000000000">
16.5 Shared document actions</A>
</H1>
<P>
The shared web feature has called for some new actions.
<UL>
<LI>action D_ADMIN
<BR>
Create the shared web, close it or restore it. The d_admin action is accessible
from a list's <B>admin</B> page.
</LI>
<LI>action D_READ
<BR>
Reads the document after read access control. If a folder, lists all the subdocuments that can
be read. If a file, displays it if it is viewable, else downloads it to disk.
If the document to be read contains a file named <A NAME="8183"></A><TT>index.html</TT> or <A NAME="8186"></A><TT>index.htm</TT>, and if
the user has no permissions other than read on all contained subdocuments, the read action will
consist in displaying the index.
The d_read action is accessible from a list's <B>info</B> page.
</LI>
<LI>action D_CREATE_DIR
<BR>
Creates a new subdirectory in a directory that can be edited.
The creator is the owner of the directory. The access rights are
those of the parent directory.
</LI>
<LI>action D_DESCRIBE
<BR>
Describes a document that can be edited.
</LI>
<LI>action D_DELETE
<BR>
Deletes a document after edit access control. If applied to a folder, it has to be empty.
</LI>
<LI>action D_UPLOAD
<BR>
Uploads a file into a directory that can be edited.
</LI>
<LI>action D_OVERWRITE
<BR>
Overwrites a file if it can be edited. The new owner of the file is the one who has done
the overwriting operation.
</LI>
<LI>actions D_EDIT_FILE and D_SAVE_FILE
<BR>
Edits a file and saves it after edit access control. The new owner of the file is the one
who has done the saving operation.
</LI>
<LI>action D_CHANGE_ACCESS
<BR>
Changes the access rights of a document (read or edit), provided that control of this document is
authorized.
</LI>
<LI>action D_SET_OWNER
<BR>
Changes the owner of a directory, provided that control of this document is
authorized. The directory must be empty. The new owner can be anyone, but authentication is necessary
before any action may be performed on the document.
<P>
</LI>
</UL>
<P>
<H1><A NAME="SECTION001760000000000000000">
16.6 Template files</A>
</H1>
The following template files have been created for the shared web:
<P>
<H2><A NAME="SECTION001761000000000000000">
16.6.1 d_read.tpl</A>
</H2>
The default page for reading a document. If for a file, displays it (if
viewable) or downloads it. If for a directory, displays all readable
subdocuments, each of which will feature buttons corresponding
to the different actions this subdocument allows. If the directory is
editable, displays buttons to describe it, upload a file to it
or create a new subdirectory. If access to the document is editable,
displays a button to edit the access to it.
<P>
<H2><A NAME="SECTION001762000000000000000">
16.6.2 d_editfile.tpl</A>
</H2>
The page used to edit a file. If for a text file, allows it to be edited on-line.
This page also enables the description of the file to be edited, or another file
to be substituted in its place.
<P>
<H2><A NAME="SECTION001763000000000000000">
16.6.3 d_control.tpl</A>
</H2>
The page to edit the access rights and the owner of a document.
<P>
<HR>
<!--Navigation Panel-->
<A NAME="tex2html1128"
HREF="node18.html">
<IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A>
<A NAME="tex2html1122"
HREF="sympa.html">
<IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A>
<A NAME="tex2html1116"
HREF="node16.html">
<IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A>
<A NAME="tex2html1124"
HREF="node1.html">
<IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents" SRC="contents.png"></A>
<A NAME="tex2html1126"
HREF="node23.html">
<IMG WIDTH="43" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="index" SRC="index.png"></A>
<BR>
<B> Next:</B> <A NAME="tex2html1129"
HREF="node18.html">17. Bounce management</A>
<B> Up:</B> <A NAME="tex2html1123"
HREF="sympa.html">Sympa Mailing Lists Management Software version</A>
<B> Previous:</B> <A NAME="tex2html1117"
HREF="node16.html">15. List configuration parameters</A>
  <B> <A NAME="tex2html1125"
HREF="node1.html">Contents</A></B>
  <B> <A NAME="tex2html1127"
HREF="node23.html">Index</A></B>
<!--End of Navigation Panel-->
<ADDRESS>
root
2004-09-10
</ADDRESS>
</BODY>
</HTML>
|
