diff options
author | Petr Viktorin <pviktori@redhat.com> | 2014-09-03 10:54:50 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@dhcp-31-13.brq.redhat.com> | 2014-09-05 13:50:29 +0200 |
commit | 3e2c86aeabbd2e3c54ad73a40803ef2bf5b0cb17 (patch) | |
tree | fe241181ecdbb25961546433ec46a34e31d16b8d /ipalib/plugins/user.py | |
parent | cabc9bf8b355a0e42bc268565cf261143dd669f0 (diff) | |
download | freeipa-3e2c86aeabbd2e3c54ad73a40803ef2bf5b0cb17.tar.gz freeipa-3e2c86aeabbd2e3c54ad73a40803ef2bf5b0cb17.tar.xz freeipa-3e2c86aeabbd2e3c54ad73a40803ef2bf5b0cb17.zip |
Add managed read permissions for compat tree
https://fedorahosted.org/freeipa/ticket/4521
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Diffstat (limited to 'ipalib/plugins/user.py')
-rw-r--r-- | ipalib/plugins/user.py | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index 454d21972..f95b4fd4a 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -424,6 +424,17 @@ class user(LDAPObject): ], 'default_privileges': {'User Administrators'}, }, + 'System: Read User Compat Tree': { + 'non_object': True, + 'ipapermbindruletype': 'anonymous', + 'ipapermlocation': api.env.basedn, + 'ipapermtarget': DN('cn=users', 'cn=compat', api.env.basedn), + 'ipapermright': {'read', 'search', 'compare'}, + 'ipapermdefaultattr': { + 'objectclass', 'uid', 'cn', 'gecos', 'gidnumber', 'uidnumber', + 'homedirectory', 'loginshell', + }, + }, } label = _('Users') |