LSFoundation
============

LSFoundation is the very core library for accessing OpenGroupware.org
business logic.

Defaults
========

LSSessionChannelTimeOut  300 (s)
SkyCommandProfileEnabled YES|NO
SkyCommandProfileName    /tmp/cmd-log
LSProfileCommands        YES|NO
LSDebuggingEnabled       YES|NO
LSAskAtTxBegin           YES|NO   (for debugging, prompts/blocks on the shell!)
LSDBFetchRelationCommand_MAX_SEARCH_COUNT 200

MinutesBetweenFailedLogins     15
HandleFailedAuthorizations     NO
FailedLoginCount               5
FailedLoginLockInfoMailAddress root

LSAuthLDAPServer               
LSAuthLDAPServerRoot           
LSAuthLDAPServerPort           389

LSUseLowercaseLogin            NO
AllowSpacesInLogin             NO

LSAdaptor                      PostgreSQL
LSConnectionDictionary         
LSModelName                    

UseSkyrixLoginForImap          NO

SkyAccessManagerDebug          NO
SkyObjectPropertyManagerDebug  NO


Access Rules
============
(by JR)

access permissions for persons / accounts / companies


- root is always allowed to do everything

- if nothing is set, everyone may read and write. As soon as an ACL is
  set on an object, access is forbidden for everyone who is not listed

- everyone who has write access may set the ACL.
- you cannot remove permissions from the owner.

When read permissions are lacked the objects won't be fetched. This way it can
happen that there are appointments without participants.

The permissions are checked in the command objects, due to this it can happen
that edit forms can be reached (due to still available buttons) but that a
save fails due to missing permissions.
=> TODO: this would be a bug

IsReadOnly/IsPrivate are overridden in case an ACL is set.

The own account record can always be read/written.