[Date Prev][Date Next] [Chronological] [Thread] [Top]

[ACL] Knowing the rights we have


I'm writing a web-based application (Perl CGI) which allows my company's 
users to modify some of their information, such as password, telephone 
number, and so on.

So I generate a web page which contains a form with all the attributes I 
want to show the user (name, groups she's a member of, mail address, 
telephone number...).
Depending on the rights on the server, the user can read/write some 
attributes, or only read.

I'd like to draw a text-edit box for the fields that the user has write 
access to, and a normal readonly text for the other ones. This way, the 
users wouldn't waste time trying to modify what they can't. Moreover, this 
would allow to instantly view what it is possible to do.

I've been looking for a way to do that in many places (IRC, mailing-list 
archives, Google, etc.), but I couldn't find anything about it. The LDAP 
APIs in common languages don't seem to provide ACL-related functions, 

A workaround would be trying to update the attribute's value with the same 
value it already has, but I tend to find it a little ugly. I would also 
have to handle some special cases, for example when the value is empty, 

Did I miss anything ? Any suggestion will be welcome.

David Ammouial.

Attachment: pgpfjkBCUGMiO.pgp
Description: PGP signature