summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-05-21 03:45:17 +0200
committerGuilhem Moulin <guilhem@fripost.org>2020-05-21 03:45:17 +0200
commit49fad9bf3a558f6eb0691b016a30ddff4a61da34 (patch)
treed6e53914153735b33ed47b5d11a1024c23324e16 /roles
parent6fb829e49d421de9abac41325f5089357bf27f82 (diff)
LDAP: Add ACLs for group ‘styrelse’.
Diffstat (limited to 'roles')
-rw-r--r--roles/common-LDAP/templates/etc/ldap/database.ldif.j23
1 files changed, 3 insertions, 0 deletions
diff --git a/roles/common-LDAP/templates/etc/ldap/database.ldif.j2 b/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
index 9b4633b..2c0db0b 100644
--- a/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
+++ b/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
@@ -523,35 +523,38 @@ olcAccess: to dn.regex="^fvl=[^,]+,fvd=[^,]+,ou=virtual,dc=fripost,dc=org$"
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#
# Export Fripost members to Nextcloud
olcAccess: to dn.exact="fvd=fripost.org,ou=virtual,dc=fripost,dc=org"
attrs=entry,objectClass,fvd
filter=(&(objectClass=FripostVirtualDomain)(!(objectClass=FripostPendingEntry)))
by dn.exact="cn=nextcloud,ou=services,dc=fripost,dc=org" tls_ssf=128 =rsd
by users =0 break
olcAccess: to dn.regex="^fvl=[^,]+,fvd=fripost.org,ou=virtual,dc=fripost,dc=org$"
attrs=entry,entryDN,entryUUID,objectClass,fvl,fripostIsStatusActive
filter=(&(objectClass=FripostVirtualUser)(!(objectClass=FripostPendingEntry))(fripostIsStatusActive=TRUE))
by dn.exact="cn=nextcloud,ou=services,dc=fripost,dc=org" tls_ssf=128 =rsd
by users =0 break
olcAccess: to dn.exact="ou=groups,dc=fripost,dc=org"
attrs=entry,objectClass
by dn.exact="cn=nextcloud,ou=services,dc=fripost,dc=org" tls_ssf=128 =rsd
by users =0 break
olcAccess: to dn.exact="cn=medlemmar,ou=groups,dc=fripost,dc=org"
by dn.exact="cn=nextcloud,ou=services,dc=fripost,dc=org" tls_ssf=128 =rsd
by users =0 break
+olcAccess: to dn.exact="cn=styrelse,ou=groups,dc=fripost,dc=org"
+ by dn.exact="cn=nextcloud,ou=services,dc=fripost,dc=org" tls_ssf=128 =rsd
+ by users =0 break
#
# TODO: allow users to edit their entry, etc
#
{% endif %}
#
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# Catch-all
#
# * Catch all the breaks above.
# * Deny any access to everyone else.
olcAccess: to dn.subtree="dc=fripost,dc=org"
by dn.children="ou=virtual,dc=fripost,dc=org" +0
by * =0
# vim: set filetype=ldif :
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-20 16:06:16 +0000