diff options
author | Guilhem Moulin <guilhem.moulin@fripost.org> | 2013-01-21 23:20:21 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem.moulin@fripost.org> | 2013-01-21 23:20:21 +0100 |
commit | 4ea8953f745a08d13c8966588b81f667f2339103 (patch) | |
tree | cf0f63f902fe509505501338910c196e7faeefeb /ldap/acl.ldif | |
parent | f0f87bd9b13cb0bd5c37472e5a9b4e0d36d1384d (diff) |
ListCreator → CreateList
Diffstat (limited to 'ldap/acl.ldif')
-rw-r--r-- | ldap/acl.ldif | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/ldap/acl.ldif b/ldap/acl.ldif index 153470f..3cbbd24 100644 --- a/ldap/acl.ldif +++ b/ldap/acl.ldif @@ -64,7 +64,7 @@ olcAccess: to dn.one="ou=services,o=mailHosting,dc=fripost,dc=dev" # 4,5. Other users need further access. olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev" by dn.onelevel="ou=managers,o=mailHosting,dc=fripost,dc=dev" =wrscd - by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break + by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break by dn.exact="cn=DeletePendingEntries,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break by dn.onelevel="ou=services,o=mailHosting,dc=fripost,dc=dev" =0 by dn.regex="^fvu=[^,]+,fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripost,dc=dev$" =0 break @@ -96,7 +96,7 @@ olcAccess: to dn.subtree="o=mailHosting,dc=fripost,dc=dev" olcAccess: to dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" attrs=objectClass by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" =s - by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =s + by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =s by dn.exact="cn=DeletePendingEntries,ou=services,o=mailHosting,dc=fripost,dc=dev" =s # # 1. Users can search (e.g., to list the entries they have created). @@ -125,7 +125,7 @@ olcAccess: to dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" # Our service can search anywhere in the tree (for old pending entries). olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev" attrs=entry - by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" +0 break + by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" +0 break by dn.onelevel="ou=services,o=mailHosting,dc=fripost,dc=dev" +s by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" +0 break # @@ -134,7 +134,7 @@ olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev" olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev" attrs=children by dn.exact="cn=DeletePendingEntries,ou=services,o=mailHosting,dc=fripost,dc=dev" =z - by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break + by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" +0 break # # Our service needs search access to list (old) pending entries. @@ -336,7 +336,7 @@ olcAccess: to dn.regex="^fvl=[^,]+,(fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripos by dnattr=fripostOwner =scd by group/fripostVirtualDomain/fripostOwner.expand="$1" =scd by group/fripostVirtualDomain/fripostPostmaster.expand="$1" =scd - by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =zsd + by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =zsd # # 1. The list owners can edit their entry's attributes. # 2. So can the domain owners. @@ -362,19 +362,19 @@ olcAccess: to dn.regex="^fvl=[^,]+,(fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripos by group/fripostVirtualDomain/fripostPostmaster.expand="$1" +rad by set.exact="this/-1/fripostCanAddList & (user | user/-1)" +a by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" +0 - by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =rsd + by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =rsd # # The List Creator can add list commands. olcAccess: to dn.regex="^fvl=[^,]+,fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripost,dc=dev" filter=(objectClass=FripostVirtualList) attrs=children - by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =a + by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =a # # The List Creator can add list commands. olcAccess: to dn.regex="^fvlc=[^,]+,fvl=[^,]+,fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripost,dc=dev" filter=(objectClass=FripostVirtualListCommand) attrs=entry - by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =a + by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =a # # Catch the "break" control above. olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev" |