Add an LDAP attribute to check if the user wants to use the content filter.

This decision is left to the MX (as for 'fripostIsStatusActive'), which
will set the envelope recipient accordingly.

1 files changed, 13 insertions, 8 deletions

diff --git a/roles/common-LDAP/files/etc/ldap/schema/fripost.ldif b/roles/common-LDAP/files/etc/ldap/schema/fripost.ldif
index a26f249..0475d20 100644
--- a/roles/common-LDAP/files/etc/ldap/schema/fripost.ldif
+++ b/roles/common-LDAP/files/etc/ldap/schema/fripost.ldif
@@ -51,126 +51,131 @@
 # 1.3.6.1.4.1.40011.1.2.3  Syntax Definitions
 
 # This schema depends on:
 # - core.schema
 # - cosine.schema
 # - nis.schema
 
 
 dn: cn=fripost,cn=schema,cn=config
 objectClass: olcSchemaConfig
 #
 # Attributes: 1.3.6.1.4.1.40011.1.1
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.1 NAME 'fvd'
     DESC 'A virtual mail domain'
     EQUALITY caseIgnoreIA5Match
     SUBSTR caseIgnoreIA5SubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.2 NAME 'fvl'
-    DESC 'The local part of a virtual user, alias, list or list command'
+    DESC 'The local part of a virtual user, alias or list'
     EQUALITY caseIgnoreIA5Match
     SUBSTR caseIgnoreIA5SubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.3 NAME 'fripostMaildrop'
     DESC 'An email address the virtual alias should be mapped to'
     EQUALITY caseIgnoreIA5Match
     SUBSTR caseIgnoreIA5SubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
 #
 # We are creating a new attribute, optional in virtual domains and
 # users, because the presence index should *not* apply to the
 # mandatory attribute above.
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.4 NAME 'fripostOptionalMaildrop'
     DESC 'An optional email address for catch-all or domain aliases'
     EQUALITY caseIgnoreIA5Match
     SUBSTR caseIgnoreIA5SubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.5 NAME 'fripostIsStatusActive'
-    DESC 'When present, a token locking the entry in an inactive state'
+    DESC 'Is the entry active?'
     EQUALITY booleanMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.6 NAME 'fripostPendingToken'
     DESC 'Is the entry pending?'
     EQUALITY caseExactMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{64} SINGLE-VALUE )
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.7 NAME 'fripostUserQuota'
     DESC 'The quota on a user e.g., "50MB"'
     EQUALITY caseExactMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32} SINGLE-VALUE )
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.8 NAME 'fripostCanAddDomain'
-    DESC 'A user/domain that can add domains'
+    DESC 'A user/domain allowed to add domains'
     SUP distinguishedName )
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.9 NAME 'fripostCanAddAlias'
-    DESC 'A user/domain that can add aliases under the parent domain'
+    DESC 'A user/domain allowed to add aliases under the parent domain'
     SUP distinguishedName )
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.10 NAME 'fripostCanAddList'
-    DESC 'A user/domain that can add lists under the parent domain'
+    DESC 'A user/domain allowed to add lists under the parent domain'
     SUP distinguishedName )
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.11 NAME 'fripostOwner'
-    DESC 'A user that owns under parent domain'
+    DESC 'A user being the owner of the parent domain'
     SUP distinguishedName )
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.12 NAME 'fripostPostmaster'
-    DESC 'A user that is a postmaster of the parent domain'
+    DESC 'A user being the postmaster of the parent domain'
     SUP distinguishedName )
 #
 olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.13 NAME 'fripostListManager'
     DESC 'The list manager'
     EQUALITY caseIgnoreMatch
     SUBSTR caseIgnoreSubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{64} SINGLE-VALUE )
 #
+olcAttributeTypes: ( 1.3.6.1.4.1.40011.1.2.1.14 NAME 'fripostUseContentFilter'
+    DESC 'Does the user want to use the content filter?'
+    EQUALITY booleanMatch
+    SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
+#
 #
 # Objects: 1.3.6.1.4.1.40011.1.2
 #
 olcObjectClasses: ( 1.3.6.1.4.1.40011.1.2.1 NAME 'FripostVirtual'
     AUXILIARY
     DESC 'Virtual mail hosting'
     MAY ( fripostCanAddDomain ) )
 #
 olcObjectClasses: ( 1.3.6.1.4.1.40011.1.2.2 NAME 'FripostVirtualDomain'
     SUP top STRUCTURAL
     DESC 'Virtual domain'
     MUST ( fvd $ fripostIsStatusActive )
     MAY ( fripostCanAddAlias $ fripostCanAddList $
           fripostOwner $ fripostPostmaster $
           fripostOptionalMaildrop $ description ) )
 #
 # Domain alias (for the domain given by fripostMaildrop). Children are ignored.
 olcObjectClasses: ( 1.3.6.1.4.1.40011.1.2.3 NAME 'FripostVirtualAliasDomain'
     SUP FripostVirtualDomain STRUCTURAL
     DESC 'Virtual alias domain'
     MUST ( fripostMaildrop ) )
 #
 # | TODO: add limits here
 olcObjectClasses: ( 1.3.6.1.4.1.40011.1.2.4 NAME 'FripostVirtualUser'
     SUP top STRUCTURAL
     DESC 'Virtual user'
-    MUST ( fvl $ userPassword $ fripostIsStatusActive )
+    MUST ( fvl $ userPassword $ fripostIsStatusActive $ fripostUseContentFilter )
     MAY ( fripostUserQuota $ description) )
 #
 olcObjectClasses: ( 1.3.6.1.4.1.40011.1.2.5 NAME 'FripostVirtualAlias'
     SUP top STRUCTURAL
     DESC 'Virtual alias'
     MUST ( fvl $ fripostMaildrop $ fripostIsStatusActive )
     MAY ( fripostOwner $ description ) )
 #
 olcObjectClasses: ( 1.3.6.1.4.1.40011.1.2.6 NAME 'FripostVirtualList'
     SUP top STRUCTURAL
     DESC 'Virtual list'
     MUST ( fvl $ fripostListManager $ fripostIsStatusActive )
     MAY ( fripostOwner $ description ) )
 #
 olcObjectClasses: ( 1.3.6.1.4.1.40011.1.2.7 NAME 'FripostPendingEntry'
     SUP top AUXILIARY
     DESC 'Virtual pending entry'
     MAY ( fripostPendingToken ) )