From 611d182907c3c567f9000c4e0dc00da95e2d64f6 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Sun, 26 Jan 2020 18:59:28 +0100
Subject: [PATCH] Add anyread to admins in example acl because don't be
 ridiculous

---
 main.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/main.go b/main.go
index 7876915..6516724 100644
--- a/main.go
+++ b/main.go
@@ -57,10 +57,10 @@ func main() {
 		"*,dc=gobottin,dc=eu::read:*:* !userpassword",
 		// Anybody can read and modify anything from their own entry
 		"*::read modify:SELF:*",
-		// The admin can add, modify, delete anything
-		"cn=admin,dc=gobottin,dc=eu::add modify delete:*:*",
-		// Members of the admin group can add, modify, delete anything
-		"*:cn=admin,ou=groups,dc=gobottin,dc=eu:add modify delete:*:*",
+		// The admin can read, add, modify, delete anything
+		"cn=admin,dc=gobottin,dc=eu::read add modify delete:*:*",
+		// Members of the admin group can read, add, modify, delete anything
+		"*:cn=admin,ou=groups,dc=gobottin,dc=eu:read add modify delete:*:*",
 	}
 	acl, err := ParseACL(aclStr)
 	if err != nil {