Mercurial Mercurial > pub > hg > cubicweb / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server/test/data/ldap_test.ldif
author Aurelien Campeas <aurelien.campeas@logilab.fr>
Thu, 24 Oct 2013 13:15:53 +0200
changeset 9395 96dba2efd16d
parent 8922 715b9eec6da9
permissions -rw-r--r--
[hooks/security] provide attribute "add" permission As of today, the update permission on attributes is checked at entity *creation* time. This forbids using update permissions the proper way. We set it to be checked at entity update time only. We introduce a specific 'add' permission rule for attributes. For backward compatibility, its default value will be the same as the current 'update' permission. Notes: * needs a new yams version (ticket #149216) * introduces two new 'add_permissions' rdefs (attribute - group|rqlexpr) * if the update permission was () and the bw compat kicks in, the rule is not enforced, to avoid un-creatable entity types -- this restriction will be lifted when the bw compat is gone * small internal refactoring on check_entity_attributes * one small pre 3.6.1 bw compat snippet must be removed from schemaserial Closes #2965518.

dn: dc=cubicweb,dc=test
structuralObjectClass: organization
objectClass: dcObject
objectClass: organization
o: cubicweb
dc: cubicweb

dn: ou=People,dc=cubicweb,dc=test
objectClass: organizationalUnit
ou: People
structuralObjectClass: organizationalUnit

dn: ou=Group,dc=cubicweb,dc=test
objectClass: organizationalUnit
ou: Group

dn: cn=logilab,ou=Group,dc=cubicweb,dc=test
gidNumber: 2000
objectClass: posixGroup
objectClass: top
cn: logilab
memberUid: adim

dn: cn=dir,ou=Group,dc=cubicweb,dc=test
gidNumber: 2002
objectClass: posixGroup
objectClass: top
cn: dir
memberUid: adim
memberUid: syt

dn: uid=syt,ou=People,dc=cubicweb,dc=test
loginShell: /bin/bash
objectClass: OpenLDAPperson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
cn: Sylvain Thenault
sn: Thenault
shadowMax: 99999
gidNumber: 1004
uid: syt
homeDirectory: /home/syt
shadowFlag: 134538764
uidNumber: 1004
givenName: Sylvain
telephoneNumber: 106
displayName: sthenault
gecos: Sylvain Thenault
mail: sylvain.thenault@logilab.fr
mail: syt@logilab.fr
userPassword: syt

dn: uid=adim,ou=People,dc=cubicweb,dc=test
loginShell: /bin/bash
objectClass: OpenLDAPperson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
cn: Adrien Di Mascio
sn: Di Mascio
shadowMax: 99999
gidNumber: 1006
uid: adim
homeDirectory: /home/adim
uidNumber: 1006
givenName: Adrien
telephoneNumber: 109
displayName: adimascio
gecos: Adrien Di Mascio
mail: adim@logilab.fr
mail: adrien.dimascio@logilab.fr
userPassword: adim
cubicweb