mirror of
https://github.com/YunoHost-Apps/radicale_ynh.git
synced 2024-09-03 20:16:14 +02:00
61 lines
1.7 KiB
Text
61 lines
1.7 KiB
Text
|
# Rights are based on a regex-based file whose name is specified in the config (section "right", key "file").
|
||
|
#
|
||
|
# Authentication login is matched against the "user" key, and collection's path is matched against the "collection" key. You can use Python's ConfigParser interpolation values %(login)s and %(path)s. You can also get groups from the user regex in the collection with {0}, {1}, etc.
|
||
|
#
|
||
|
# For example, for the "user" key, ".+" means "authenticated user" and ".*" means "anybody" (including anonymous users).
|
||
|
#
|
||
|
# Section names are only used for naming the rule.
|
||
|
#
|
||
|
# Leading or ending slashes are trimmed from collection's path.
|
||
|
|
||
|
|
||
|
|
||
|
# This means all users starting with "admin" may read any collection
|
||
|
[admin]
|
||
|
user: ^admin.*$
|
||
|
collection: .*
|
||
|
permission: r
|
||
|
|
||
|
# This means all users may read and write any collection starting with public.
|
||
|
# We do so by just not testing against the user string.
|
||
|
[public]
|
||
|
user: .*
|
||
|
collection: ^public(/.+)?$
|
||
|
permission: rw
|
||
|
|
||
|
# A little more complex: give read access to users from a domain for all
|
||
|
# collections of all the users (ie. user@domain.tld can read domain/\*).
|
||
|
# [domain-wide-access]
|
||
|
# user: ^.+@(.+)\..+$
|
||
|
# collection: ^{0}/.+$
|
||
|
# permission: r
|
||
|
|
||
|
# Allow authenticated user to read all collections
|
||
|
[allow-everyone-read]
|
||
|
user: .+
|
||
|
collection: .*
|
||
|
permission: r
|
||
|
|
||
|
# Give write access to owners
|
||
|
[owner-write]
|
||
|
user: .+
|
||
|
collection: ^%(login)s/.+$
|
||
|
permission: w
|
||
|
|
||
|
# Partage public en lecture seule d'un agenda
|
||
|
#[public for readonly]
|
||
|
#user: .*
|
||
|
#collection: ^utilisateur/nom_calendrier*
|
||
|
#permission: r
|
||
|
|
||
|
# Partage public en lecture/écriture d'un agenda
|
||
|
#[public for read/write]
|
||
|
#user: .*
|
||
|
#collection: ^utilisateur/nom_calendrier*
|
||
|
#permission: rw
|
||
|
|
||
|
#[user1 can read and write user2/shared2]
|
||
|
#user: ^user1$
|
||
|
#collection: ^user2/shared2$
|
||
|
#permission: rw
|