From 4ea8953f745a08d13c8966588b81f667f2339103 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin
Date: Mon, 21 Jan 2013 23:20:21 +0100
Subject: =?UTF-8?q?ListCreator=20=E2=86=92=20CreateList?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ldap/acl.ldif | 16 ++++++++--------
 ldap/authz.ldif | 2 +-
 ldap/base.ldif | 4 ++--
 ldap/test-user-acl.sh | 20 ++++++++++----------
 4 files changed, 21 insertions(+), 21 deletions(-)
(limited to 'ldap')

diff --git a/ldap/acl.ldif b/ldap/acl.ldif
index 153470f..3cbbd24 100644
--- a/ldap/acl.ldif
+++ b/ldap/acl.ldif
@@ -64,7 +64,7 @@ olcAccess: to dn.one="ou=services,o=mailHosting,dc=fripost,dc=dev"
 # 4,5. Other users need further access.
 olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
  by dn.onelevel="ou=managers,o=mailHosting,dc=fripost,dc=dev" =wrscd
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break
  by dn.exact="cn=DeletePendingEntries,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break
  by dn.onelevel="ou=services,o=mailHosting,dc=fripost,dc=dev" =0
  by dn.regex="^fvu=[^,]+,fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripost,dc=dev$" =0 break
@@ -96,7 +96,7 @@ olcAccess: to dn.subtree="o=mailHosting,dc=fripost,dc=dev"
 olcAccess: to dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
  attrs=objectClass
  by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" =s
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =s
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =s
  by dn.exact="cn=DeletePendingEntries,ou=services,o=mailHosting,dc=fripost,dc=dev" =s
 #
 # 1. Users can search (e.g., to list the entries they have created).
@@ -125,7 +125,7 @@ olcAccess: to dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
 # Our service can search anywhere in the tree (for old pending entries).
 olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
  attrs=entry
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" +0 break
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" +0 break
  by dn.onelevel="ou=services,o=mailHosting,dc=fripost,dc=dev" +s
  by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" +0 break
 #
@@ -134,7 +134,7 @@ olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
 olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
  attrs=children
  by dn.exact="cn=DeletePendingEntries,ou=services,o=mailHosting,dc=fripost,dc=dev" =z
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =0 break
  by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" +0 break
 #
 # Our service needs search access to list (old) pending entries.
@@ -336,7 +336,7 @@ olcAccess: to dn.regex="^fvl=[^,]+,(fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripos
  by dnattr=fripostOwner =scd
  by group/fripostVirtualDomain/fripostOwner.expand="$1" =scd
  by group/fripostVirtualDomain/fripostPostmaster.expand="$1" =scd
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =zsd
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =zsd
 #
 # 1. The list owners can edit their entry's attributes.
 # 2. So can the domain owners.
@@ -362,19 +362,19 @@ olcAccess: to dn.regex="^fvl=[^,]+,(fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripos
  by group/fripostVirtualDomain/fripostPostmaster.expand="$1" +rad
  by set.exact="this/-1/fripostCanAddList & (user | user/-1)" +a
  by dn.children="ou=virtual,o=mailHosting,dc=fripost,dc=dev" +0
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =rsd
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =rsd
 #
 # The List Creator can add list commands.
 olcAccess: to dn.regex="^fvl=[^,]+,fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripost,dc=dev"
  filter=(objectClass=FripostVirtualList)
  attrs=children
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =a
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =a
 #
 # The List Creator can add list commands.
 olcAccess: to dn.regex="^fvlc=[^,]+,fvl=[^,]+,fvd=[^,]+,ou=virtual,o=mailHosting,dc=fripost,dc=dev"
  filter=(objectClass=FripostVirtualListCommand)
  attrs=entry
- by dn.exact="cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev" =a
+ by dn.exact="cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev" =a
 #
 # Catch the "break" control above.
 olcAccess: to dn.subtree="ou=virtual,o=mailHosting,dc=fripost,dc=dev"
diff --git a/ldap/authz.ldif b/ldap/authz.ldif
index 34a02df..85a13e0 100644
--- a/ldap/authz.ldif
+++ b/ldap/authz.ldif
@@ -4,7 +4,7 @@
 #
 # That will allow the SASL-authenticated user (service) to be
 # reformatted into a proper DN under our services directory.
-#
+#
 # SASL authentication can be checked with:
 #
 # ldapwhoami -U 'AdminWebPanel'
diff --git a/ldap/base.ldif b/ldap/base.ldif
index 4a40d3c..525fca6 100644
--- a/ldap/base.ldif
+++ b/ldap/base.ldif
@@ -32,11 +32,11 @@ objectClass: organizationalRole
 userPassword: smtp
 description: Where Postfix bind to for LDAP lookups.
 
-dn: cn=ListCreator,ou=services,o=mailHosting,dc=fripost,dc=dev
+dn: cn=CreateList,ou=services,o=mailHosting,dc=fripost,dc=dev
 objectClass: simpleSecurityObject
 objectClass: organizationalRole
 description: The entity that is authorized to add list commands
-userPassword: listcreator
+userPassword: createlist
 
 dn: cn=DeletePendingEntries,ou=services,o=mailHosting,dc=fripost,dc=dev
 objectClass: simpleSecurityObject
diff --git a/ldap/test-user-acl.sh b/ldap/test-user-acl.sh
index 3023152..648f9c6 100755
--- a/ldap/test-user-acl.sh
+++ b/ldap/test-user-acl.sh
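Review bot: The new `userPassword: createlist` for the `cn=CreateList` service entry is a cleartext password equal to the lowercased RDN, committed to the repository next to the `userPassword: smtp` entry visible in the same hunk; the acl.ldif hunks in this patch give this identity `=zsd` on list pending status and `=a` on list children and list-command entries, so it is a privileged bind, not a read-only one. The `dc=fripost,dc=dev` suffix and the SASL service mapping described in authz.ldif suggest this is a development fixture and that production binds may go through SASL instead, but if this file is ever loaded as-is the credential is trivially guessable. I would store a hashed value generated with `slappasswd` (e.g. `userPassword: {SSHA}<hash>`) or have the deployment step substitute a generated secret, and mark the entry with a comment such as `# DEV FIXTURE ONLY: replace userPassword before loading into a non-test directory`.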
@@ -1124,60 +1124,60 @@ done | isOK '=0$' children
 ###########################################################################
 echo
-echo "Service ListCreator"
+echo "Service CreateList"
 msg "Have =0 access on domain attributes"
 for D in ${DOMAINS}; do
- checkACL "cn=ListCreator" "${D}" entry children ${OPERATTRS} fvd fripostIsStatusActive fripostOptionalMaildrop fripostCanAddAlias fripostCanAddList fripostOwner fripostPostmaster description fripostPendingToken
+ checkACL "cn=CreateList" "${D}" entry children ${OPERATTRS} fvd fripostIsStatusActive fripostOptionalMaildrop fripostCanAddAlias fripostCanAddList fripostOwner fripostPostmaster description fripostPendingToken
 done | isOK '=0$' entry
 [ $? -eq 0 ] || exit $?
 msg "Have =0 access on user attributes"
 for U in ${USERS}; do
- checkACL "cn=ListCreator" "${U}" entry children ${OPERATTRS} fvu userPassword fripostIsStatusActive fripostUserQuota fripostOptionalMaildrop description
+ checkACL "cn=CreateList" "${U}" entry children ${OPERATTRS} fvu userPassword fripostIsStatusActive fripostUserQuota fripostOptionalMaildrop description
 done | isOK '=0$' entry
 [ $? -eq 0 ] || exit $?
 msg "Have =0 access on alias attributes"
 for A in ${ALIASES}; do
- checkACL "cn=ListCreator" "${A}" entry children ${OPERATTRS} fva fripostMaildrop fripostIsStatusActive fripostOwner description
+ checkACL "cn=CreateList" "${A}" entry children ${OPERATTRS} fva fripostMaildrop fripostIsStatusActive fripostOwner description
 done | isOK '=0$' entry
 [ $? -eq 0 ] || exit $?
 msg "Have =zsd access on lists' pending status"
 for L in ${LISTS}; do
- checkACL "cn=ListCreator" "${L}" fripostPendingToken
+ checkACL "cn=CreateList" "${L}" fripostPendingToken
 done | isOK '=zsd$'
 [ $? -eq 0 ] || exit $?
 msg "Have =rsd access on lists' entry attribute"
 for L in ${LISTS}; do
- checkACL "cn=ListCreator" "${L}" entry
+ checkACL "cn=CreateList" "${L}" entry
 done | isOK '=rsd$'
 [ $? -eq 0 ] || exit $?
 msg "Have =a access on lists' children attribute"
 for L in ${LISTS}; do
  search -s base -b "${L},${SUFFIX0}" "(fripostPendingToken=*)" | grep -q '^dn: ' || \
- checkACL "cn=ListCreator" "${L}" children
+ checkACL "cn=CreateList" "${L}" children
 done | isOK '=a$'
 [ $? -eq 0 ] || exit $?
 msg "Have =0 access on other list attributes"
 for L in ${LISTS}; do
- checkACL "cn=ListCreator" "${L}" ${OPERATTRS} fvl fripostListManager fripostIsStatusActive fripostLocalAlias fripostOwner description
+ checkACL "cn=CreateList" "${L}" ${OPERATTRS} fvl fripostListManager fripostIsStatusActive fripostLocalAlias fripostOwner description
 done | isOK '=0$' fvl
 [ $? -eq 0 ] || exit $?
 msg "Have =a access on list commands' entry attribute"
 for LC in ${LISTSC}; do
- checkACL "cn=ListCreator" "${LC}" entry
+ checkACL "cn=CreateList" "${LC}" entry
 done | isOK '=a$'
 [ $? -eq 0 ] || exit $?
 msg "Have =0 access on other list command attributes"
 for LC in ${LISTSC}; do
- checkACL "cn=ListCreator" "${LC}" children ${OPERATTRS} fvlc fripostLocalAlias
+ checkACL "cn=CreateList" "${LC}" children ${OPERATTRS} fvlc fripostLocalAlias
 done | isOK '=0$' children
 [ $? -eq 0 ] || exit $?
-- 
cgit v1.2.3