[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: set syntax on acl
> editAccounts is a boolean attribute from jamm.schema
> But it dont works with TRUE, I will test it within the last stable
> version and I will report here for the result
> Because my goal is to use a boolean to declare if someone could write or
> not in some children without use group.
I just recompiled 2.1.30 (re21 from CVS, should be exactly the same), with
attributeType ( 0.1.2.3.4.5.6.7.8.9 NAME 'editAccount'
DESC 'test'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
and
access to *
by set="user/editAccount & [true]" read
by * auth
I added three entries, one with editAccount set to "TRUE", one with
editAccount set to "FALSE" and the other without editAccount. The one
with editAccount set to TRUE can search the directory, the others just
can't. I suspect you're doing something different elsewhere, or the above
ACL is not even reached. You shoud see with loglevel set to 128 (ACL)
what's going on.
Note that with HEAD code you need to use the __normalized__ value, i.e.
you need to use "TRUE" in uppercase form:
access to *
by set="user/editAccount & [TRUE]" read
by * auth
p.
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497