[Date Prev][Date Next] [Chronological] [Thread] [Top]

querying ACLs

To: "OpenLDAP Software List" <openldap-software@openldap.org>
Subject: querying ACLs
From: Shane <squindler@gmail.com>
Date: Tue, 15 May 2007 15:31:25 +0930
Content-disposition: inline

Hi,

Is it possible to "query" what permissions an "entity" has prior to
them trying to make a change or addition? In context, I'm writing an
app that has different levels of editing based on who you are / what
groups you're in etc.

From majority of examples I've seen this seems to be a try fail sort

of thing, try to edit, if it fails you report the error (usually no
permissions). It would be really handy to turn that around and query
the server first and give an interface to the user which only has
parts they can edit as editable - I could code in which groups have
access etc but then if I add extra groups to the ACL I'll need to
change code ... simply trying to modify every attribute then catching
/ reporting failures or using this to work out what they can edit just
feels dirty and surely isn't very efficient - is there an alternative?

TIA
Shane.

Follow-Ups:
- Re: querying ACLs
  - From: "Gavin Henry" <ghenry@suretecsystems.com>
- Re: querying ACLs
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: querying ACLs
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: Re: chain-overlay question
Next by Date: Re: chain-overlay question
Index(es):
- Chronological
- Thread