On 24/2/2012 4:56 μμ, Nick Milas wrote:
I have tried to make it more precise. So, assuming the schema is as follows (OIDs are hypothetical), can someone comment on the following (modified accordingly) access list?
access to <some entries> <some attributes> by set="this/writeAccessEntities/member* & user" write by set="this/readAccessEntities/member* & user" read by set="this/searchAccessEntities/member* & user" search
I tested this (the write and read parts) and it works as expected.
The administrator just has to pay attention to also provide at least read access to "children,entry" attributes for the associated groups.
Nick