[Date Prev][Date Next]
Re: Controlling access based on group membership
On 24/2/2012 4:56 ÎÎ, Nick Milas wrote:
I have tried to make it more precise. So, assuming the schema is as
follows (OIDs are hypothetical), can someone comment on the following
(modified accordingly) access list?
access to <some entries> <some attributes>
by set="this/writeAccessEntities/member* & user" write
by set="this/readAccessEntities/member* & user" read
by set="this/searchAccessEntities/member* & user" search
I tested this (the write and read parts) and it works as expected.
The administrator just has to pay attention to also provide at least
read access to "children,entry" attributes for the associated groups.