Re: VCAR: RIGHTS Value Type Ambiguous
Bernard Desruisseaux wrote:
>
> The semantic of OBJECT and VALUE rule parts is ambiguous.
>
> To illustrate this fact, here's possible interpretations
> of two very simple VCARs.
>
> Example 1:
>
> BEGIN:VCAR
> CARID:UPDATEPARTSTATUS
> GRANT:UPN=*;ACTION=MODIFY
> ;OBJECT=PARTSTAT:VALUE=*
> ;OBJECT=ATTENDEE;VALUE=SELF
> END:VCAR
Read it as, for each object that you are checking, if the
rule matches - then the GRANT or DENY applies.
And the result MUST match the GRANT or DENY.
For example (1) this GRANT would apply to you if:
you wanted to MODIFY
And the PARTSTAT object had any value.
and ATTENDEE is <self>.
So for a VEVENT with UPN 'x':
BEGIN:VEVENT
...
ATTENDEE;PARTSTAT=NEEDS-ACTION:Z
ATTENDEE;PARTSTAT=NEEDS-ACTION:x
...
END:VEVENT
The VCAR allows you to modify ONLY the one that matches.
BEFORE AND AFTER.
> (a) Anybody is granted the right to modify, to any value, the
> PARTSTAT parameter of ATTENDEE properties set to himself;
>
> (b) Anybody is granted the right to modify, to any value, the
> PARTSTAT parameter of any ATTENDEE properties, as long as
> there is one ATTENDEE property set to himself in the
> component;
NOT true as only ONE of them matches, if <self>
is not 'Z' it does not match the first one.
> (c) Anybody is granted the right to modify, to any value, the
> PARTSTAT parameter, as long as he modifies the ATTENDEE
> property to himself as well;
NOT true as it is only true IF he is the ATTENDEE,
else he can not modify it. And yep - your VCAR allows them to
modify the value of the ATTENDEE, as long as it is already
set to 'x'. And you could modify the value, as long as the
rule still was valid - so the only thing you could modify
it to is 'x'
> (d) Anybody is granted the right to modify the value of any
> ATTENDEE property to himself, regardless of the stored
> value of the parameter PARTSTAT.
They could modify all ATTENDEEs from UPN 'x' to UPN 'x'.
All other ATTENDEE values don't match.
> Example 2:
>
> BEGIN:VCAR
> GRANT:UPN=*;ACTION=READ;OBJECT=*;
> ;OBJECT=ORGANIZER;VALUE=SELF
> END:VCAR
>
> (a) Anybody is granted the right to read everything in
> components for which he is the ORGANIZER;
>
> (b) Anybody is granted the right to read the ORGANIZER
> property of components for which he is the ORGANIZER.
'property of components' ?
I read (a) and (b) as the same. If the VALUE of ORGANIZER
is 'x', you can read it.
I don't see your points.
begin:vcard
n:Royer;Doug
tel;pager:pager@xxxxxxxxx
tel;cell:208-520-4044
tel;fax:866-594-8574
tel;work:866-594-8574
x-mozilla-html:FALSE
url:http://Royer.com/People/Doug
org:INET-Consulting LLC <http://INET-Consulting.com
adr:;;1795 W. Broadway #266;Idaho Falls;ID;83402;
version:2.1
email;internet:Doug@xxxxxxxxx
title:Chief Executive Manager
x-mozilla-cpt:;-10400
fn:Doug Royer
end:vcard
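
The reading given in the reply above (the rule is tested per property and must match BEFORE AND AFTER the change), worked through on Example 1 as an added example that is not part of the original message or of any CAP implementation. The dictionary layout, the function names and the exact-string UPN comparison are assumptions made for illustration.

```python
# Constructed sample: Example 1's GRANT reduced to its ACTION and its
# OBJECT/VALUE pairs (UPN=* means the rule applies to every user).
RULE = {"action": "MODIFY",
        "parts": [("PARTSTAT", "*"), ("ATTENDEE", "SELF")]}


def attendee(value, partstat):
    """Build one ATTENDEE property (hypothetical in-memory form)."""
    return {"name": "ATTENDEE", "value": value,
            "params": {"PARTSTAT": partstat}}


def part_matches(obj, want, prop, upn):
    """Test one OBJECT/VALUE pair against a single property."""
    # OBJECT names either the property itself or one of its parameters.
    if obj == prop["name"]:
        actual = prop["value"]
    else:
        actual = prop["params"].get(obj)
    if actual is None:
        return False
    if want == "*":
        return True
    if want == "SELF":
        return actual == upn  # assumption: exact-string UPN comparison
    return actual == want


def rule_matches(rule, action, prop, upn):
    """Every OBJECT/VALUE pair must hold for the same property."""
    return action == rule["action"] and all(
        part_matches(obj, want, prop, upn) for obj, want in rule["parts"])


def may_modify(rule, upn, before, after):
    """The reply's reading: the rule must match before AND after."""
    return (rule_matches(rule, "MODIFY", before, upn)
            and rule_matches(rule, "MODIFY", after, upn))


if __name__ == "__main__":
    mine = attendee("x", "NEEDS-ACTION")
    other = attendee("Z", "NEEDS-ACTION")
    print(may_modify(RULE, "x", mine, attendee("x", "ACCEPTED")))   # own PARTSTAT
    print(may_modify(RULE, "x", other, attendee("Z", "ACCEPTED")))  # Z's PARTSTAT
    print(may_modify(RULE, "x", mine, attendee("Z", "ACCEPTED")))   # x rewritten to Z
```
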