aboutsummaryrefslogtreecommitdiffstats
path: root/ldap/acl.ldif
diff options
context:
space:
mode:
Diffstat (limited to 'ldap/acl.ldif')
-rw-r--r--ldap/acl.ldif16
1 files changed, 8 insertions, 8 deletions
diff --git a/ldap/acl.ldif b/ldap/acl.ldif
index 153470f..3cbbd24 100644
--- a/ldap/acl.ldif
+++ b/ldap/acl.ldif
@@ -64,7 +64,7 @@ olcAccess: to dn.one="ou=services,o=mailHosting,dc=fripost,dc=dev"
# 4,5. Other users need further access.
olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
by dn.onelevel="ou=managers,o=mailHosting,dc=fripost,dc=dev" =wrscd
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break
by dn.exact="cn=DeletePendingEntries,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break
by dn.onelevel="ou=services,o=mailHosting,dc=fripost,dc=dev" =0
by dn.regex="^fvu=[^,]+,fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripost,dc=dev$" =0 break
@@ -96,7 +96,7 @@ olcAccess: to dn.subtree="o=mailHosting,dc=fripost,dc=dev"
olcAccess: to dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
attrs=objectClass
by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" =s
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =s
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =s
by dn.exact="cn=DeletePendingEntries,ou=services,o=mailHosting,dc=fripost,dc=dev" =s
#
# 1. Users can search (e.g., to list the entries they have created).
@@ -125,7 +125,7 @@ olcAccess: to dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
# Our service can search anywhere in the tree (for old pending entries).
olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
attrs=entry
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" +0 break
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" +0 break
by dn.onelevel="ou=services,o=mailHosting,dc=fripost,dc=dev" +s
by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" +0 break
#
@@ -134,7 +134,7 @@ olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
attrs=children
by dn.exact="cn=DeletePendingEntries,ou=services,o=mailHosting,dc=fripost,dc=dev" =z
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break
by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" +0 break
#
# Our service needs search access to list (old) pending entries.
@@ -336,7 +336,7 @@ olcAccess: to dn.regex="^fvl=[^,]+,(fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripos
by dnattr=fripostOwner =scd
by group/fripostVirtualDomain/fripostOwner.expand="$1" =scd
by group/fripostVirtualDomain/fripostPostmaster.expand="$1" =scd
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =zsd
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =zsd
#
# 1. The list owners can edit their entry's attributes.
# 2. So can the domain owners.
@@ -362,19 +362,19 @@ olcAccess: to dn.regex="^fvl=[^,]+,(fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripos
by group/fripostVirtualDomain/fripostPostmaster.expand="$1" +rad
by set.exact="this/-1/fripostCanAddList & (user | user/-1)" +a
by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" +0
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =rsd
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =rsd
#
# The List Creator can add list commands.
olcAccess: to dn.regex="^fvl=[^,]+,fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripost,dc=dev"
filter=(objectClass=FripostVirtualList)
attrs=children
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =a
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =a
#
# The List Creator can add list commands.
olcAccess: to dn.regex="^fvlc=[^,]+,fvl=[^,]+,fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripost,dc=dev"
filter=(objectClass=FripostVirtualListCommand)
attrs=entry
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =a
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =a
#
# Catch the "break" control above.
olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev"