gnunux/dataset
1
0
Fork 0
forked from stove/dataset
Code Issues Pull requests Projects Releases Wiki Activity
dataset/seed/openldap/templates/config_acl.ldif

62 lines
2 KiB
Text
Raw Normal View History

add test for ldap
2022-07-07 09:37:49 +02:00
%set %%name_family = 'gnunux'
dovecot
2022-05-04 10:29:03 +02:00
%set %%dns = {}
update
2022-06-24 19:00:16 +02:00
%set %%groups = []
add test for ldap
2022-07-07 09:37:49 +02:00
%%groups.append('cn=remote_test0,' + %%ldapclient_base_dn)%slurp
%%groups.append('cn=remote_test1,' + %%ldapclient_base_dn)%slurp
%%groups.append('cn=remote_test2,' + %%ldapclient_base_dn)%slurp
%%dns.setdefault(None, []).append(('cn=remote_test0,' + %%ldapclient_base_dn, 'read'))%slurp
%%dns.setdefault('all', []).append(('cn=remote_test1,' + %%ldapclient_base_dn, 'read'))%slurp
%%dns.setdefault(%%name_family, []).append(('cn=remote_test2,' + %%ldapclient_base_dn, 'read'))%slurp
dovecot
2022-05-04 10:29:03 +02:00
%for %%remote in %%accounts.remotes
%set %%name = %%normalize_family(%%remote)
%set %%family = %%accounts['remote_' + %%name]['family_' + %%name]
update
2022-06-24 19:00:16 +02:00
%%groups.append(%%accounts['remote_' + %%name]['dn_' + %%name])%slurp
reorganize
2022-08-18 10:19:43 +02:00
%set %%right = 'read'
# %if %%accounts['remote_' + %%name]['read_only_' + %%name]
# %set %%right = 'read'
# %else
# %set %%right = 'write'
# %end if
add test for ldap
2022-07-07 09:37:49 +02:00
%%dns.setdefault(%%family, []).append((%%accounts['remote_' + %%name]['dn_' + %%name], %%right))%slurp
dovecot
2022-05-04 10:29:03 +02:00
%end for
fork from cadoles' risotto-dataset
2022-03-08 19:42:28 +01:00
dn: olcDatabase={2}mdb,cn=config
changetype:modify
replace: olcAccess
olcAccess: {0}to attrs=userPassword
by self write
by anonymous auth
by * none
reorganize
2022-08-18 10:19:43 +02:00
olcAccess: {1}to dn.subtree="%%ldapclient_group_dn"
update
2022-06-24 19:00:16 +02:00
%for group in %%groups
by dn="%%group" read
%end for
by * none
%set %%aclidx = 2
dovecot
2022-05-04 10:29:03 +02:00
%for %%family, %%remotes in %%dns.items()
roundcube multi domain
2022-05-07 08:11:18 +02:00
%if %%family == 'all'
add test for ldap
2022-07-07 09:37:49 +02:00
%continue
roundcube multi domain
2022-05-07 08:11:18 +02:00
%end if
add test for ldap
2022-07-07 09:37:49 +02:00
olcAccess: {%%aclidx}to dn.subtree="%%calc_ldapclient_base_dn(%%ldapclient_base_dn, %%family)"
dovecot
2022-05-04 10:29:03 +02:00
by self read
%for %%remote in %%remotes
add test for ldap
2022-07-07 09:37:49 +02:00
by dn="%%remote[0]" %%remote[1]
dovecot
2022-05-04 10:29:03 +02:00
%end for
add test for ldap
2022-07-07 09:37:49 +02:00
%if %%family != 'all' and 'all' in %%dns
%for %%remote in %%dns['all']
by dn="%%remote[0]" %%remote[1]
%end for
%end if
%set %%aclidx += 1
%if %%family != 'all'
fork from cadoles' risotto-dataset
2022-03-08 19:42:28 +01:00
by * none
add test for ldap
2022-07-07 09:37:49 +02:00
%end if
dovecot
2022-05-04 10:29:03 +02:00
%end for
add test for ldap
2022-07-07 09:37:49 +02:00
%if 'all' in %%dns
olcAccess: {%%aclidx}to dn.subtree="%%ldap_account_dn"
by self read
%for %%remote in %%dns['all']
by dn="%%remote[0]" %%remote[1]
%end for
by * none
%end if
Reference in a new issue Copy permalink