[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
New functionality - ACL
Hello,
I would like to suggest the support to simple regular expressions on the ACL
directive:
Suppose the following tree:
o=top
|
|-------------------------|--------------------------|
ou=sales ou=mkt ou=...
And suppose there are uid entries on the ou=sales, ou=mkt, ou=...
It would be very helpful to have the following access rule:
"Allow users to write to their own organizational unit nodes, and read
nodes from all others"
I thought about writing the rule like this (using regular expressions):
# $1 would assume the value of the specific ou.
access to dn.subtree="ou=.*,o=top"
by dn.children="ou=$1,o=top" write
access to dn.children="o=top"
by * read
This is something that is already implemented on the SASL directives.
What do you think about it, feasible ?
Great regards,
Luiz Ernesto Pinheiro Malère
luiz.malere@eversystems.com
55 11 3759-8118
_________________________________________
EverSystems | The Next Generation Systems
São Paulo www.eversystems.com