diff options
| author | M.Gergo | 2018-07-06 11:14:41 +0200 |
|---|---|---|
| committer | M.Gergo | 2018-07-06 11:14:41 +0200 |
| commit | 43de9af71f7f4ca5731b94a06d688ae8412ba427 (patch) | |
| tree | 54835de1dfcda504c02da261f0dc26885aed2e89 /mayor-orig/install/base/ldap/access-control | |
| parent | 50310b0e4513ee3fcce67351ae61e8fff851130e (diff) | |
| download | mayor-43de9af71f7f4ca5731b94a06d688ae8412ba427.tar.gz mayor-43de9af71f7f4ca5731b94a06d688ae8412ba427.zip | |
2018/Feb/28 -i állapot hozzáadva, mint a módosítások kiindulási állapota
Diffstat (limited to 'mayor-orig/install/base/ldap/access-control')
| -rw-r--r-- | mayor-orig/install/base/ldap/access-control/mayor.acl | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/mayor-orig/install/base/ldap/access-control/mayor.acl b/mayor-orig/install/base/ldap/access-control/mayor.acl new file mode 100644 index 00000000..abc5b4d5 --- /dev/null +++ b/mayor-orig/install/base/ldap/access-control/mayor.acl @@ -0,0 +1,97 @@ +# +# Jelszó változtatás +# + +access to dn.subtree="ou=diak,%BASEDN%" + attrs=userPassword + by anonymous auth + by self write + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by group/mayorGroup/member="cn=diakadmin,ou=Groups,%BASEDN%" write + by * none + +access to attrs=userPassword + by anonymous auth + by self write + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by * none + + +access to dn.subtree="ou=diak,%BASEDN%" + attrs=shadowLastChange,shadowExpire + by anonymous read + by self write + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by group/mayorGroup/member="cn=diakadmin,ou=Groups,%BASEDN%" write + by * read + +access to attrs=shadowLastChange,shadowExpire + by anonymous read + by self write + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by * read + +# +# Személyes adatok +# + +# A session nyitáshoz szükséges adatoknak publikusan olvashatónak kell lennie (shadow, studyId) + +access to dn.subtree="ou=diak,%BASEDN%" + attrs=mail + by self write + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by group/mayorGroup/member="cn=diakadmin,ou=Groups,%BASEDN%" write + by * read + +access to dn.subtree="ou=diak,%BASEDN%" + attrs=telephonenumber,mobile + by self write + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by group/mayorGroup/member="cn=diakadmin,ou=Groups,%BASEDN%" write + by users read + by * none + +access to dn.subtree="ou=diak,%BASEDN%" + attrs=cn,studyId + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by group/mayorGroup/member="cn=diakadmin,ou=Groups,%BASEDN%" write + by * read + +access to dn.subtree="ou=diak,%BASEDN%" + attrs=l,street,postaladdress,postalcode + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by group/mayorGroup/member="cn=diakadmin,ou=Groups,%BASEDN%" write + by users read + by * none + +# ******************************************************************* # + +access to attrs=mail + by self write + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by * read + +access to attrs=telephonenumber,mobile + by self write + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by users read + by * none + +access to attrs=cn,studyId + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by * read + +access to attrs=l,street,postaladdress,postalcode + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by users read + by * none + +# +# Alapértelmezett +# + +access to * + by group/mayorGroup/member="cn=useradmin,ou=Groups,%BASEDN%" write + by anonymous read + by * read |