changes.
| |  | |
| | |
| | |
| | The ABNF syntax for LDAP ACIItem is as follows: |
 | | |
| | {noformat} |
| | ACIItem = "{" sp aci_identificationTag |
| | sep sp aci-precedence |
| | sep sp aci-authenticationLevel |
| | sep sp aci-itemOrUserFirst sp "}" |
| | |
| | aci_identificationTag = id-identificationTag msp DirectoryString |
| | |
| | aci-precedence = id-precedence msp Precedence |
| | |
| | aci-authenticationLevel = id-authenticationLevel msp AuthenticationLevel |
| | |
| | aci-itemOrUserFirst = id-itemOrUserFirst msp aci-itemOrUserFirst |
| | |
| | aci-itemOrUserFirst = aci-itemFirst / aci-userFirst |
| | |
| | aci-itemFirst = id-itemFirst ":" ItemFirst |
| | |
| | aci-userFirst = id-userFirst ":" UserFirst |
| | |
| | ItemFirst = "{" sp aci-protectedItems |
| | sep sp aci-itemPermissions sp "}" |
| | |
| | UserFirst = "{" sp aci-userClasses |
| | sep sp aci-userPermissions sp "}" |
| | |
| | aci-protectedItems = id-protectedItems msp ProtectedItems |
| | |
| | aci-itemPermissions = id-itemPermissions msp ItemPermissions |
| | |
| | aci-userClasses = id-userClasses msp UserClasses |
| | |
| | aci-userPermissions = id-userPermissions msp UserPermissions |
| | |
| | ProtectedItems = "{" [ sp aci-entry] |
| | [ sep sp aci-allUserAttributeTypes ] |
| | [ sep sp aci-attributeType ] |
| | [ sep sp aci-allAttributeValues ] |
| | | [ sep sp aci-allAttributeValues ] |
| | [ sep sp aci-allUserAttributeTypesAndValues ] |
| | [ sep sp aci-attributeValue ] |
| | [ sep sp aci-selfValue ] |
| | [ sep sp aci-rangeOfValues ] |
| | [ sep sp aci-maxValueCount ] |
| | [ sep sp aci-maxImmSub ] |
| | [ sep sp aci-restrictedBy ] |
| | [ sep sp aci-classes ] sp "}" |
| | |
| | ItemPermissions = "{" [ sp ItemPermission |
| | *( sep sp ItemPermission ) sp "}" |
| | | *( sep sp ItemPermission ) ] sp "}" |
| | |
| | ItemPermission = "{" [ sp aci-precedence ] |
| | sep sp aci-userClasses |
| | sep sp aci-grantsAndDenials sp "}" |
| | |
| | UserClasses = "{" [ sp aci-allUsers ] |
| | [ sep sp aci-thisEntry ] |
| | [ sep sp aci-Name ] |
| | [ sep sp aci-userGroup ] |
| | [ sep sp aci-subtree ] sp "}" |
| | |
| | UserPermissions = "{" [ sp UserPermission |
| | *( sep sp UserPermission ) ] sp "}" |
| | | *( sep sp UserPermission ) ] sp "}" |
| | |
| | UserPermission = "{" [ sp aci-precedence ] |
| | sep sp aci-protectedItems |
| | sep sp aci-grantsAndDenials sp "}" |
| | |
| | aci-entry = id-entry |
| | |
| | aci-allUserAttributeTypes = id-allUserAttributeTypes |
| | |
| | aci-attributeType = id-attributeType msp AttributeTypes |
| | |
| | aci-allAttributeValues = id-allAttributeValues msp AttributeTypes |
| | |
| | aci-allUserAttributeTypesAndValues = id-allUserAttributeTypesAndValues |
| | |
| | aci-attributeValue = id-attributeValue msp AttributeTypeAndValues |
| | |
| | aci-selfValue = id-selfValue msp AttributeTypes |
| | |
| | aci-rangeOfValues = id-rangeOfValues msp Filter |
| | |
| | aci-maxValueCount = id-maxValueCount msp MaxValueCount |
| | |
| | aci-maxImmSub = id-maxImmSub msp INTEGER |
| | |
| | aci-restrictedBy = id-restrictedBy msp RestrictedBy |
| | |
| | aci-classes = id-classes msp Refinement |
| | |
| | aci-grantsAndDenials = id-grantsAndDenials msp GrantsAndDenials |
| | |
| | aci-allUsers = id-allUsers |
| | |
| | aci-thisEntry = id-thisEntry |
| | |
| | aci-name = id-name msp DistinguishedNames |
| | |
| | aci-userGroup = id-userGroup msp DistinguishedNames |
| | |
| | aci-subtree = id-subtree msp SubtreeSpecifications |
| | |
| | AttributeTypes = "{" sp AttributeType |
| | *( sep sp AttributeType ) sp "}" |
| | |
| | | |
| | AttributeTypeAndValues = "{" sp AttributeTypeAndValue |
| | *( sep sp AttributeTypeAndValue ) sp "}" |
| | |
| | MaxValueCount = "{" sp AttributeType |
| | sep sp INTEGER sp "}" |
| | |
| | RestrictedBy = "{" sp RestrictedValue |
| | *( sep sp RestrictedValue ) sp "}" |
| | |
| | GrantsAndDenials = "{" [ sp GrantAndDenialsBit |
| | *( sep sp GrantAndDenialsBit ) ] sp "}" |
| | ; WARNING: There SHALL NOT be any duplicates |
| | |
| | DistinguishedNames = "{" sp DistinguishedName |
| | *( sep sp DistinguishedName ) sp "}" |
| | |
| | |
| | |
| | SubtreeSpecifications = "{" sp SubtreeSpecification |
| | *( sep sp SubtreeSpecification ) sp "}" |
| | |
| | RestrictedValue = "{" sp aci-type |
| | sep sp aci-valuesIn "}" |
| | |
| | aci-type = id-type msp AttributeType |
| | |
| | aci-valuesIn = id-valuesIn msp AttributeType |
| | |
| | Precedence = INTEGER(1..255) ; FIXME: How shall we show this ? |
| | |
| | AuthenticationLevel = id-none / id-simple / id-strong |
| | |
| | GrantAndDenialsBit = id-grantAdd |
| | / id-denyAdd |
| | / id-grantDiscloseOnError |
| | / id-denyDiscloseOnError |
| | / id-grantRead |
| | / id-denyRead |
| | / id-grantRemove |
| | / id-denyRemove |
| | / id-grantBrowse |
| | / id-denyBrowse |
| | / id-grantExport |
| | / id-denyExport |
| | / id-grantImport |
| | / id-denyImport |
| | / id-grantModify |
| | / id-denyModify |
| | / id-grantRename |
| | / id-denyRename |
| | / id-grantReturnDN |
| | / id-denyReturnDN |
| | / id-grantCompare |
| | / id-denyCompare |
| | / id-grantFilterMatch |
| | / id-denyFilterMatch |
| | / id-grantInvoke |
| | / id-denyInvoke |
| | |
| | ;MYRULE |
| | ;id-X = "X" |
| | {noformat} |
| | |
| | {info:title=The Apache Directory Server way...} |
| | Apache Directory Server allows a fully flexible version of this grammar where order of named components and amount of spaces (where applicable) do not matter. |
| | {info} |
Page Operations
Browse Space
