GitLab

Hello,

in some case its useful to be able to select user from the whole people branch and be confined in your branch for everything else.

if i use two acl, one to put me in a branch and just there and the second for giving access to only users i can still got to other department defeating the isolation.

The way to be able to keep isolation and still get access to the main ou=people,dc=opensides,dc=be when inside a confined department with a first acl is to be able to put an acl on ou=people,dc=opensides,dc=be.

so i propose to have a flag in the configuration backend that if activated make the top people branch appears in acl assigment

The scenario is corresponding to :

1. i want all my users in ou=people,dc=opensides,dc=be
2. i want to ba able to delegate users to manage ou (aka department) and be confined in it.
3. i want to be able to select users from ou=people,dc=opensides,dc=be to be put in groups, roles etc being confined in my ou.

Cheers

(from redmine: issue id 4561, created on 2016-03-01, closed on 2016-03-08)

• Changesets:
  • Revision 3d242f8a by Côme Chilliet on 2016-03-03T12:05:53.000Z:

Fixes #4561 Acl assignments can now be created on any dn

• Revision f810afb2 by Côme Chilliet on 2016-03-03T12:06:51.000Z:

Fixes #4561 Acl assignments can now be created on any dn

• Revision ac7d09f1 by Côme Chilliet on 2016-03-07T03:36:13.000Z:

Fixes #4561 plCategory needs to be an array

• Revision ee81f374 by Côme Chilliet on 2016-03-07T03:37:05.000Z:

Fixes #4561 plCategory needs to be an array