[OGo-Users] sharing contact attributes only between given users
Adam Tauno Williams
users@opengroupware.org
Thu, 10 Apr 2008 10:53:29 -0400
> >>>> Technically we could map the codes to arbitrary field removals.
> >>> I don't really get the meaning of the last sentence.
> >> What the flags do is clear out fields the user has no access to. E.g. if
> >> he does not have the 'M' permission, we would reset the
> >> '03_tel_mobile' field to nil after the fetch.
> > Interesting. And I assume on a write/put those fields are dropped out
> > as well?
> There is only one write permission, 'w'. Either you have it, or you
> don't. Maybe it makes sense to combine it with the other flags, don't
> know. I guess not.
Just curious if a clever user could manage to overwrite/change fields
that aren't visible.
> > For some regulatory compliance [that mandates data hiding] we've had
> > to implement some kludges to get similar behavior. We use an encrypted
> > blob in an object property, and if the user has access to the key the
> > blob decrypts for display - but they aren't accessing the data via
> > WebUI. This makes the data encrypted on-disk and thus in-backup, the
> > latter is also required for compliance. I suppose there is no way to
> > support such a thing in the mainline - the whole key acquisition
> > issue.
> From a technical PoV storing encrypted values would not be too hard.
> Don't know, not a priority right now, but sounds kinda useful :-)
For us it is required, but it is easy enough to implement on the
client/consumer side.
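
The read-side masking and the single 'w' write check discussed in this thread, as an added example that is not part of the original message and is not OpenGroupware code. Only the 'M' flag, the '03_tel_mobile' field and the 'w' flag come from the thread; the 'E' flag, the other field names, the function names and the sample record are assumptions constructed for illustration. It shows what happens when a masked record is written back, with and without a per-field filter on the write path.

```python
# Hypothetical flag-to-field map. 'M' -> '03_tel_mobile' is from the thread;
# 'E' -> 'email1' is an assumed second mapping.
READ_FLAGS = {"M": ["03_tel_mobile"], "E": ["email1"]}

# Constructed sample record.
STORED = {"name": "Sample Person", "03_tel_mobile": "+1 555 0100",
          "email1": "sample@example.org"}

def hidden_fields(perms):
    """Fields the caller may not see, given a permission string like 'wE'."""
    return {f for flag, fields in READ_FLAGS.items()
            if flag not in perms for f in fields}

def fetch(record, perms):
    """Read path: reset every hidden field to None after the fetch."""
    hidden = hidden_fields(perms)
    return {k: (None if k in hidden else v) for k, v in record.items()}

def put_write_flag_only(stored, submitted, perms):
    """Write path that checks only 'w': submitted values replace all fields."""
    if "w" not in perms:
        raise PermissionError("write permission 'w' required")
    return {**stored, **submitted}

def put_field_filtered(stored, submitted, perms):
    """Write path that also drops fields the caller is not allowed to read."""
    if "w" not in perms:
        raise PermissionError("write permission 'w' required")
    hidden = hidden_fields(perms)
    allowed = {k: v for k, v in submitted.items() if k not in hidden}
    return {**stored, **allowed}

def round_trip(put, perms="wE"):
    """Fetch as a user without 'M', rename the contact, write it all back."""
    view = fetch(STORED, perms)          # '03_tel_mobile' arrives as None
    view["name"] = "Renamed Person"      # an ordinary, permitted edit
    return put(STORED, view, perms)

if __name__ == "__main__":
    print("write flag only:", round_trip(put_write_flag_only))
    print("field filtered :", round_trip(put_field_filtered))
```

With only the 'w' check, an ordinary edit by a user lacking 'M' writes the masked None back over the stored mobile number; the filtered write keeps the stored value and still applies the rename.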