aboutsummaryrefslogtreecommitdiffstats
path: root/ldap/test-user-acl.sh
diff options
context:
space:
mode:
Diffstat (limited to 'ldap/test-user-acl.sh')
-rwxr-xr-xldap/test-user-acl.sh30
1 files changed, 15 insertions, 15 deletions
diff --git a/ldap/test-user-acl.sh b/ldap/test-user-acl.sh
index 12f3d14..c55916e 100755
--- a/ldap/test-user-acl.sh
+++ b/ldap/test-user-acl.sh
@@ -70,7 +70,7 @@ search () {
DOMAINS=$(search -u -b "${SUFFIX}" "objectClass=FripostVirtualDomain" dn | \
grep -i '^ufn: ' | sed -re 's/^ufn: ([^,]+),.*/fvd=\1/')
-USERS=$(search -u -b "${SUFFIX}" "objectClass=FripostVirtualMailbox" dn | \
+USERS=$(search -u -b "${SUFFIX}" "objectClass=FripostVirtualUser" dn | \
grep -i '^ufn: ' | sed -re 's/^ufn: ([^,]+), *([^,]+),.*/fvu=\1,fvd=\2/')
ALIASES=$(search -u -b "${SUFFIX}" "objectClass=FripostVirtualAlias" dn | \
grep -i '^ufn: ' | sed -re 's/^ufn: ([^,]+), *([^,]+),.*/fva=\1,fvd=\2/')
@@ -451,7 +451,7 @@ echo "Authenticated users, access to user entries"
# =w if account owner or domain postmaster
# * fripostIsStatusActive:
# =wrscd if account owner or domain postmaster
-# * fripostMailboxQuota:
+# * fripostUserQuota:
# =rscd if account owner or domain postmaster
# * fripostOptionalMaildrop:
# =wrscd if account owner or domain postmaster
@@ -464,10 +464,10 @@ usersU () {
done
}
-# They would need write access to their fripostMailboxQuota.
+# They would need write access to their fripostUserQuota.
# In practice they can't write fvu either, since it's single valued.
-msg "Have =rscxd access to their \"fripostMailboxQuota\""
-usersU fripostMailboxQuota | isOK 'read(=rscxd)$'
+msg "Have =rscxd access to their \"fripostUserQuota\""
+usersU fripostUserQuota | isOK 'read(=rscxd)$'
[ $? -eq 0 ] || exit $?
msg "Have =wd access to their own \"userPassword\""
@@ -500,7 +500,7 @@ for U1 in ${USERS}; do
checkACL "${U1}" "${U2}" entry children \
fvu userPassword \
fripostIsStatusActive \
- fripostMailboxQuota \
+ fripostUserQuota \
fripostOptionalMaildrop \
description
done
@@ -519,8 +519,8 @@ usersP () {
done
}
-msg "Have =rscxd access to their user's \"fripostMailboxQuota\" (if Postmaster)"
-usersP fripostMailboxQuota | isOK 'read(=rscxd)$'
+msg "Have =rscxd access to their user's \"fripostUserQuota\" (if Postmaster)"
+usersP fripostUserQuota | isOK 'read(=rscxd)$'
[ $? -eq 0 ] || exit $?
msg "Have =wd access to their user's \"userPassword\" (if Postmaster)"
@@ -896,14 +896,14 @@ for D in ${DOMAINS}; do
checkACL "cn=SMTP" "${D}" children ${OPERATTRS} fripostCanCreateAlias fripostCanCreateList fripostOwner fripostPostmaster description
done | isOK 'none(=0)$' children
-msg "Can read and search the mailbox attributes it needs"
+msg "Can read and search the user attributes it needs"
for U in ${USERS}; do
checkACL "cn=SMTP" "${U}" entry objectClass fvu fripostIsStatusActive fripostOptionalMaildrop
done | isOK '=rsd$' entry
-msg "Have =0 access on other mailbox attributes"
+msg "Have =0 access on other user attributes"
for U in ${USERS}; do
- checkACL "cn=SMTP" "${U}" children ${OPERATTRS} userPassword fripostMailboxQuota description
+ checkACL "cn=SMTP" "${U}" children ${OPERATTRS} userPassword fripostUser description
done | isOK 'none(=0)$' children
msg "Can read and search the alias attributes it needs"
@@ -947,9 +947,9 @@ for D in ${DOMAINS}; do
checkACL "cn=ListCreator" "${D}" entry children ${OPERATTRS} fvd fripostIsStatusActive fripostOptionalMaildrop fripostCanCreateAlias fripostCanCreateList fripostOwner fripostPostmaster description
done | isOK '=0$' entry
-msg "Have =0 access on mailbox attributes"
+msg "Have =0 access on user attributes"
for U in ${USERS}; do
- checkACL "cn=ListCreator" "${U}" entry children ${OPERATTRS} fvu userPassword fripostIsStatusActive fripostMailboxQuota fripostOptionalMaildrop description
+ checkACL "cn=ListCreator" "${U}" entry children ${OPERATTRS} fvu userPassword fripostIsStatusActive fripostUserQuota fripostOptionalMaildrop description
done | isOK '=0$' entry
msg "Have =0 access on alias attributes"
@@ -998,9 +998,9 @@ for D in ${DOMAINS}; do
checkACL "cn=AdminWebPanel" "${D}" entry children ${OPERATTRS} fvd fripostIsStatusActive fripostOptionalMaildrop fripostCanCreateAlias fripostCanCreateList fripostOwner fripostPostmaster description
done | isOK 'none(=0)$' entry
-msg "Have =0 access on mailbox attributes"
+msg "Have =0 access on user attributes"
for U in ${USERS}; do
- checkACL "cn=AdminWebPanel" "${U}" entry children ${OPERATTRS} fvu userPassword fripostIsStatusActive fripostMailboxQuota fripostOptionalMaildrop description
+ checkACL "cn=AdminWebPanel" "${U}" entry children ${OPERATTRS} fvu userPassword fripostIsStatusActive fripostUserQuota fripostOptionalMaildrop description
done | isOK 'none(=0)$' entry
msg "Have =0 access on alias attributes"