extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2025-01-16 02:49:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

merge from trunk(revision 23864:23866) to 1.4 branch

Browse Source
This commit is contained in:
Lars Kneschke 2007-05-15 04:11:24 +00:00
commit 4ebe8bfbe8
3 changed files with 121 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
phpgwapi/doc/ldap/acl_egw_addressbook.conf Normal file
View File

@ -0,0 +1,113 @@
#######################################################################
#
# Access to accounts
#
#######################################################################
# only the user itself, the global admin, and the domain admin can
# modify user passwords
# required for authentication and changing password as user and admin
access to dn.regex="^uid=([^,]+),ou=accounts,ou=([^,]+),dc=localdomain$"
attrs=userPassword,userPKCS12
by dn.exact,expand="cn=egwadmin,ou=$2,dc=localdomain" write
by anonymous auth
by self write
by * none
# allow admins to add new accounts to the tree
access to dn.regex="^ou=accounts,ou=([^,]+),dc=localdomain$"
attrs=children
by dn.exact,expand="cn=egwadmin,ou=$1,dc=localdomain" write
by * none
# allow users readonly access to accounts in their own domain
# access is limited to attributes of objectclass inetOrgPerson,mozillaAbPersonAlpha and evolutionPerson
# used to display accounts in the addressbook
access to dn.regex="ou=accounts,ou=([^,]+),dc=localdomain$"
attrs=entry,@inetOrgPerson,@mozillaAbPersonAlpha,@evolutionPerson
by dn.children,expand="ou=accounts,ou=$1,dc=localdomain" read
by users none break
by * none
# allow admin account access to accounts in their own domain
# used to modify and add new accounts
access to dn.regex="ou=accounts,ou=([^,]+),dc=localdomain$"
attrs=entry,@inetOrgPerson,@mozillaAbPersonAlpha,@evolutionPerson,@dbmailUser,@shadowAccount
by dn.exact,expand="cn=egwadmin,ou=$1,dc=localdomain" write
by * none
#######################################################################
#
# Access to groups
#
#######################################################################
# allow admins to add new groups to the tree
access to dn.regex="^ou=groups,ou=([^,]+),dc=localdomain$"
attrs=children
by dn.exact,expand="cn=egwadmin,ou=$1,dc=localdomain" write
by * none
# allow admin account access to groups in their own domain
# used to modify and add new groups
access to dn.regex="^cn=([^,]+),ou=groups,ou=([^,]+),dc=localdomain$"
attrs=entry,@posixGroup,@groupOfNames
by dn.exact,expand="cn=egwadmin,ou=$2,dc=localdomain" write
by * none
#######################################################################
#
# Access to personal addressbooks
#
#######################################################################
# allow admins to add new personal addressbooks to the tree
access to dn.regex="^ou=personal,ou=contacts,ou=([^,]+),dc=localdomain$"
attrs=children
by dn.exact,expand="cn=egwadmin,ou=$1,dc=localdomain" write
by * none
# allow admins to add new personal addressbooks
# user can read the addressbooks only
access to dn.regex="^cn=([^,]+),ou=personal,ou=contacts,ou=([^,]+),dc=localdomain$"
attrs=entry
by dn.exact,expand="uid=$1,ou=accounts,ou=$2,dc=localdomain" read
by dn.exact,expand="cn=egwadmin,ou=$2,dc=localdomain" write
by * none
# allow user and egwadmin to manage personal addressbook entries
access to dn.regex="cn=([^,]+),ou=personal,ou=contacts,ou=([^,]+),dc=localdomain$"
by dn.exact,expand="uid=$1,ou=accounts,ou=$2,dc=localdomain" write
by dn.exact,expand="cn=egwadmin,ou=$2,dc=localdomain" write
by * none
#######################################################################
#
# Access to group addressbooks
#
#######################################################################
# allow admins to add new group addressbooks to the tree
access to dn.regex="^ou=shared,ou=contacts,ou=([^,]+),dc=localdomain$"
attrs=children
by dn.exact,expand="cn=egwadmin,ou=$1,dc=localdomain" write
by users none
# allow admins to add new group addressbooks
# groupmembers can read the addressbooks only
access to dn.regex="^cn=([^,]+),ou=shared,ou=contacts,ou=([^,]+),dc=localdomain$"
attrs=entry
by group.expand="cn=$1,ou=groups,ou=$2,dc=localdomain" read
by dn.exact,expand="cn=egwadmin,ou=$2,dc=localdomain" write
by * none
# allow groups and egwadmin to manage group addressbook entries
# by group.expand="cn=$1,ou=groups,ou=$2,dc=localdomain" peername=127.0.0.1 write
access to dn.regex="cn=([^,]+),ou=shared,ou=contacts,ou=([^,]+),dc=localdomain$"
by group.expand="cn=$1,ou=groups,ou=$2,dc=localdomain" write
by dn.exact,expand="cn=egwadmin,ou=$2,dc=localdomain" write
by * none

2
phpgwapi/setup/setup.inc.php
View File

@ -14,7 +14,7 @@
/* Basic information about this app */ /* Basic information about this app */
$setup_info['phpgwapi']['name'] = 'phpgwapi'; $setup_info['phpgwapi']['name'] = 'phpgwapi';
$setup_info['phpgwapi']['title'] = 'eGroupWare API'; $setup_info['phpgwapi']['title'] = 'eGroupWare API';
$setup_info['phpgwapi']['version'] = '1.3.021'; $setup_info['phpgwapi']['version'] = '1.3.022';
$setup_info['phpgwapi']['versions']['current_header'] = '1.28'; $setup_info['phpgwapi']['versions']['current_header'] = '1.28';
$setup_info['phpgwapi']['enable'] = 3; $setup_info['phpgwapi']['enable'] = 3;
$setup_info['phpgwapi']['app_order'] = 1; $setup_info['phpgwapi']['app_order'] = 1;

7
phpgwapi/setup/tables_update.inc.php
View File

@ -778,4 +778,11 @@
return $GLOBALS['setup_info']['phpgwapi']['currentver'] = '1.3.021'; return $GLOBALS['setup_info']['phpgwapi']['currentver'] = '1.3.021';
} }
$test[] = '1.3.021';
function phpgwapi_upgrade1_3_021()
{
# 1.4 Beta RC 1
return $GLOBALS['setup_info']['phpgwapi']['currentver'] = '1.3.022';
}
?> ?>