IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add managed read permissions for compat tree

Browse Source 
https://fedorahosted.org/freeipa/ticket/4521

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Petr Viktorin
2014-09-03 10:54:50 +02:00
committed by Petr Viktorin
parent 4484d4d58b
commit 418ce870bf
5 changed files with 49 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
ipalib/plugins/user.py
View File

@@ -424,6 +424,17 @@ class user(LDAPObject):
],
'default_privileges': {'User Administrators'},
},
'System: Read User Compat Tree': {
'non_object': True,
'ipapermbindruletype': 'anonymous',
'ipapermlocation': api.env.basedn,
'ipapermtarget': DN('cn=users', 'cn=compat', api.env.basedn),
'ipapermright': {'read', 'search', 'compare'},
'ipapermdefaultattr': {
'objectclass', 'uid', 'cn', 'gecos', 'gidnumber', 'uidnumber',
'homedirectory', 'loginshell',
},
},
}
label = _('Users')