major review

2025-06-26 16:45:52 +00:00 · 2024-06-11 08:25:17 +02:00 · 2024-06-11 08:25:17 +02:00 · d2bdcb7e52
commit d2bdcb7e52
parent 6b8993a8ca
2 changed files with 74 additions and 28 deletions
--- a/Sharing-Calendars.md
+++ b/Sharing-Calendars.md
@ -1,28 +0,0 @@
-Some calendar clients, (e.g. iOS, or KDE Kontact) add all of a user's calendars at once. So to minimise client configuration I decided to set up sharing on the server side.
-
-My motivation is to have two (or more) users on the server with three different kinds of calendars each: personal calendars (not shared), calendars readable by the other user(s), and calendars writeable by everyone.
-
-I'm using the following **rights** configuration file (still on Radicale 1.1.1, but it might also work on 2.0):
-
-    # The first rule matching both user and collection patterns will be returned.
-    
-    # Allow authenticated user to read 'shared' collections in their home directory
-    # (usually symlinks from other calendars)
-    [allow-shared-read]
-    user: .+
-    collection: %(login)s/.+-shared.ics$
-    permission: r
-    
-    # Give owners read-write access to everything else:
-    [owner-write]
-    user: .+
-    collection: %(login)s.*$
-    permission: rw
-
-Now to share my **calendar.ics** with a second user, I, 'V', am creating a symlink to e.g. **v-shared.ics** in the other user's calendar directory. The other user can now **only** read the calendar, thanks to the rule [allow-shared-read].
-
-If I want to give write access another user, I'll just create a link not ending in _'-shared.ics'_, to that user's directory. This setup is just tested briefly, but I found another user mentioning a similar approach on the issues tracker.
-
-### Radicale v3
-
-This still works - with some modifications with version 3.1.8. The main difference is that links are made to the directory containing the .ics files, rather than a single .ics file
--- a/Sharing-Collections.md
+++ b/Sharing-Collections.md
@ -0,0 +1,74 @@
+# Radicale v3
+
+"radicale" is a lightwide CalDAV/CardDAV server and supporting sharing of collections only on server side with static configuration.
+
+## Prepraration
+
+* create a directory aside `collection-root` (which is the base directory of "radicale" to lookup user folders) like e.g. `collection-shared`
+* create a sub-directory structure with collections or group->collections
+* softlink required collection directory into user's directory
+* in case of read-only permissions are required for shared calendar, extend `rights` file matching particular collection and user
+
+## Example for a storage layout incl. shared calendar/addressbook
+
+Note: `*/.Radicale*` files/directories are not shown here
+
+* `[d]`: directory
+* `[f]`: file
+* `[l]`: softlink
+* `(ro)`: read-only
+* `(rw)`: read-write
+
+```
+[d] /var
+└─[d] /lib
+  └─[d] /radicale
+    └─[d] /collections
+      ├─[d] /collection-shared
+      │ ├─[d] /group1
+      │ │ ├─[d] /sharedcalendar1 (Collection)
+      │ │ │ ├─[f] sharedschedule1.ics
+      │ │ │ ├─[f] ...
+      │ │ │ └─[f] sharedscheduleX.ics
+      │ │ └─[d] /sharedaddressbook1 (Collection)
+      │ │   ├─[f] sharedcontact1.vcf
+      │ │   ├─[f] ...
+      │ │   └─[f] sharedcontactX.vcf
+      │ │
+      │ └─[d] /group2
+      │   ├─[d] /sharedcalendar2 (Collection)
+      │   │ ├─[f] sharedschedule1.ics
+      │   │ ├─[f] ...
+      │   │ └─[f] sharedscheduleX.ics
+      │   └─[d] /sharedaddressbook2 (Collection)
+      │     ├─[f] sharedcontact1.vcf
+      │     ├─[f] ...
+      │     └─[f] sharedcontactX.vcf
+      │
+      └─[d] /collection-root
+        ├─[d] /USER1 (share some collections of "group1")
+        │ ├─[d] mycalendar1 (Collection)
+        │ ├─[d] myaddressbook1 (Collection)
+        │ ├─[l] sharedcalendar1 -> ../../collection-shared/group1/sharedcalendar1 (rw, default)
+        │ └─[l] sharedaddressbook1 -> ../../collection-shared/group1/sharedaddressbook1 (rw, default)
+        │
+        ├─[d] /USER2 (share some collections of "group2" read-only)
+        │ ├─[d] mycalendar1 (Collection)
+        │ ├─[d] myaddressbook1 (Collection)
+        │ ├─[l] sharedcalendar2 -> ../../collection-shared/group2/sharedcalendar2 (ro)
+        │ └─[l] sharedaddressbook2 -> ../../collection-shared/group2/sharedaddressbook2 (ro)
+```
+
+Related `rights` extension for read-only:
+
+```
+[group2-sharedcalendar2-ro]
+user: USER2
+collection: {user}/sharedcalendar2(/.+)?
+permissions: r
+
+[group2-sharedaddressbook2-ro]
+user: USER2
+collection: {user}/sharedaddressbook2(/.+)?
+permissions: r
+```