On 12/13/2010 11:27 AM, Dmitri Pal wrote:
>
> Sorry this whole part just does not make sense to me. What is the target
> group? Where it came from?
>
One ACI that uses this is 'add_user_to_default_group. This is used in
the permission 'useradmin'.
The json response for permission-show looks like this:
|{
|| "error": null,
|| "id": 2,
|| "result": {
|| "result": {
|| "attributelevelrights": {
|| "aci": "rscwo",
|| "businesscategory": "rscwo",
|| "cn": "rscwo",
|| "description": "rscwo",
|| "member": "rscwo",
|| "nsaccountlock": "rscwo",
|| "o": "rscwo",
|| "objectclass": "rscwo",
|| "ou": "rscwo",
|| "owner": "rscwo",
|| "seealso": "rscwo"
|| },
|| "attrs": [
|| "member"
|| ],
|| "cn": [
|| "add_user_to_default_group"
|| ],
|| "description": [
|| "Add user to default group"
|| ],
|| "dn":
"cn=add_user_to_default_group,cn=permissions,cn=accounts,dc=ayoung,dc=boston,dc=devel||,dc=redhat,dc=com",
|| "member_privilege": [
|| "useradmin"
|| ],
|| "objectclass": [
|| "top",
|| "groupofnames"
|| ],
|| "permissions": [
|| "write"
|| ],
|| "targetgroup":
"ldap:///cn=ipausers,cn=groups,cn=accounts,dc=ayoung,dc=boston,dc=devel,dc||=redhat,dc=com"
|| },
|| "summary": null,
|| "value": "add_user_to_default_group"
|| }
||}|
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel