Hello, I'm writing a web-based application (Perl CGI) which allows my company's users to modify some of their information, such as password, telephone number, and so on. So I generate a web page which contains a form with all the attributes I want to show the user (name, groups she's a member of, mail address, telephone number...). Depending on the rights on the server, the user can read/write some attributes, or only read. I'd like to draw a text-edit box for the fields that the user has write access to, and a normal readonly text for the other ones. This way, the users wouldn't waste time trying to modify what they can't. Moreover, this would allow to instantly view what it is possible to do. I've been looking for a way to do that in many places (IRC, mailing-list archives, Google, etc.), but I couldn't find anything about it. The LDAP APIs in common languages don't seem to provide ACL-related functions, neither. A workaround would be trying to update the attribute's value with the same value it already has, but I tend to find it a little ugly. I would also have to handle some special cases, for example when the value is empty, etc. Did I miss anything ? Any suggestion will be welcome. Thanks. -- David Ammouial. http://davux.asocial.info/ xmpp:davux@amessage.info
Attachment:
pgpfjkBCUGMiO.pgp
Description: PGP signature