[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Combined ACL with filter and without ?
One of those pesky ACL questions again :-)
I'm trying to come up with an ACL in which I can
restrict access to an attribute like this:
- (authenticated) self must be able to write
- only if an attribute called flags has at least a value
of 1 anonymous queries can be granted read permission
In other words a kind of combination of the two ACLs below:
access to dn=".*,o=MyOrg,c=MyCountry" attr=mail
by self write
by * none
access to dn=".*,o=MyOrg,c=MyCountry" filter=(flags>=1) attr=entry
attrs=cn,mail.sn
by * read
How can this be made possible ?
TIA,
Albert
/\lbert
/---------------------------------------------------------------------\
| Albert Siersema aka loonatic | There are no deadlines any deadlier |
| | nor limits more limiting than those |
| albert@friendly.net | we set (for) ourselves (la) |
\---------------------------------------------------------------------/