[Date Prev][Date Next]
Sets in ACLs
I found an answer to a question about group recursion I posted a while
ago. The Answer is to use Sets... This feature is not very properly
documented and as such I am having a bit of trouble.
I have an acl like the following:
access to dn.regex="^(ou=[^,]+(,?[^,]*,?)*ou=directory)$"
by set.regex="([cn=alter,$1])/uniqueMember* & user" write
by set.regex="([cn=read,$1])/uniqueMember* & user" read
Which basically gives users access to a certain ou if they or their
group is listed in the read/alter groups below the ou. Anyway the above
entry works as expected. However if I alter the by set clauses to any
one of the following it does not work:
by set.regex="([cn=alter,]+[$1])/uniqueMember* & user" write
^ Only change to concatenate instead
by set="([cn=alter,]+this])/uniqueMember* & user" write
^ ^ Can't I use "this" to expand to the ou?
No regex expansion
I am also wondering is there a this/children I can use to expand to the
set of all children of 'this'?
Thanks for your time.