LSFoundation ============ LSFoundation is the very core library for accessing OpenGroupware.org business logic. Defaults ======== LSSessionChannelTimeOut 300 (s) SkyCommandProfileEnabled YES|NO SkyCommandProfileName /tmp/cmd-log LSProfileCommands YES|NO LSDebuggingEnabled YES|NO LSAskAtTxBegin YES|NO (for debugging, prompts/blocks on the shell!) LSDBFetchRelationCommand_MAX_SEARCH_COUNT 200 MinutesBetweenFailedLogins 15 HandleFailedAuthorizations NO FailedLoginCount 5 FailedLoginLockInfoMailAddress root LSAuthLDAPServer LSAuthLDAPServerRoot LSAuthLDAPServerPort 389 LSUseLowercaseLogin NO AllowSpacesInLogin NO LSAdaptor PostgreSQL LSConnectionDictionary LSModelName UseSkyrixLoginForImap NO SkyAccessManagerDebug NO SkyObjectPropertyManagerDebug NO Access Rules ============ (by JR) access permissions for persons / accounts / companies - root is always allowed to do everything - if nothing is set, everyone may read and write. As soon as an ACL is set on an object, access is forbidden for everyone who is not listed - everyone who has write access may set the ACL. - you cannot remove permissions from the owner. When read permissions are lacked the objects won't be fetched. This way it can happen that there are appointments without participants. The permissions are checked in the command objects, due to this it can happen that edit forms can be reached (due to still available buttons) but that a save fails due to missing permissions. => TODO: this would be a bug IsReadOnly/IsPrivate are overridden in case an ACL is set. The own account record can always be read/written.