Access models supported

Two access models are supported by the calendar API. The access model specified in the XAPIA CSA specification is supported for data version 4 only. The OpenWindows Calendar Manager access model is supported for data versions 1 to 3. In the OpenWindows Calendar Manager access model, the accessibility of a calendar is controlled by an access list which specifies who has what access rights. Three access rights are defined: CSA_X_DT_BROWSE_ACCESS (user can list and read calendar entries), CSA_X_DT_INSERT_ACCESS (user can insert calendar entries), and CSA_X_DT_DELETE_ACCESS (user can delete calendar entries). Since the calendar API allows access to calendars of all versions, the programmer should interpret the access rights contained in an access list using the correct access model depending on the data version.

When a calendar is created, unless an access list is specified during creation, the default access list consists of one entry with "world" as the user name; the associated access right is "browse public entries." The user name "world" is a special name which means all users.

By default, a user with the same user name as the owner of the calendar can access the calendar with full owner's access from any machine. To have stricter access control, names of the form "owner-user-name@host" can be added to the access list of the calendar. When such an entry is added to the access list, the corresponding access right has to be CSA_OWNER_RIGHTS for data version 4 and (CSA_X_DT_BROWSE_ACCESS|CSA_X_DT_INSERT_ACCESS|CSA_X_DT_DELETE_ACCESS) for data version 3. After such entries are added to the access list, only users from the specified hosts can access the calendar with full owner's rights.