forked from Deuxfleurs/bottin
17 lines
733 B
Markdown
17 lines
733 B
Markdown
|
## ACL examples
|
||
|
|
||
|
```
|
||
|
// Anybody (before binding) can bind to an entity under ou=users,dc=gobottin,dc=eu
|
||
|
"ANONYMOUS::bind:*,ou=users,dc=gobottin,dc=eu:",
|
||
|
// Anybody (before binding) can bind to the specific admin entity
|
||
|
"ANONYMOUS::bind:cn=admin,dc=gobottin,dc=eu:",
|
||
|
// Anybody who is logged in can read anything that is not a userpassword attribute
|
||
|
"*,dc=gobottin,dc=eu::read:*:* !userpassword",
|
||
|
// Anybody can read and modify anything from their own entry
|
||
|
"*::read modify:SELF:*",
|
||
|
// The admin can read, add, modify, delete anything
|
||
|
"cn=admin,dc=gobottin,dc=eu::read add modify delete:*:*",
|
||
|
// Members of the admin group can read, add, modify, delete anything
|
||
|
"*:cn=admin,ou=groups,dc=gobottin,dc=eu:read add modify delete:*:*"
|
||
|
```
|