[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL regex broken upgrading from 2.2.14 to 2.2.28



Hi All. Thank you for reading this.

Perhaps there is a tidbit I missed somewhere in the release notes or list discussions to explain this, but I am having a problem in 2.2.28 with a very simple regex ACL rule that worked correctly in version 2.2.14:

access to dn.subtree="ou=personal_addressbook,dc=enc,dc=edu"
      by dn="cn=adm,ou=admin,ou=sys,dc=enc,dc=edu" write
      by * break
access to dn.regex="^.*ou=(.)(.*),ou=personal_addressbook,dc=enc,dc=edu"
      by dn="ueid=$1$2,ou=$1,ou=people,dc=enc,dc=edu" write
      by * none

FYI, my user DNs look like "ueid=4asgxek3ci,ou=4,ou=people,dc=enc,dc=edu", with the "ou=4" part corresponding to the first character of the "ueid" attribute. Thus, this person's addressbook entry would have a DN - "ou=4asgxek3ci,ou=personal_addressbook,dc=enc,dc=edu".

Using the ACL above taken from my 2.2.14 installation, there is no access at all, but tweaking this part...

   "^.*ou=(.)(.*),ou=personal_addressbook,dc=enc,dc=edu"

...in this way...

   ^.*ou=(\w{1})(.*),ou=personal_addressbook,dc=enc,dc=edu

...allows read access but no write.


Thanks in advance for any insight.

Best,

--
Ben Sommer
Senior Technology Officer
Eastern Nazarene College
23 East Elm Ave
Quincy, MA 02170
(617) 745-3817