Add anyread to admins in example acl because don't be ridiculous

author: Alex Auvolat <alex@adnab.me> 2020-01-26 18:59:28 +0100
committer: Alex Auvolat <alex@adnab.me> 2020-01-26 18:59:28 +0100
commit: 611d182907c3c567f9000c4e0dc00da95e2d64f6 (patch)
tree: a40f5ea01722920c0a070ebbaeead4bfe8e70f4b
parent: b768b78406fbc33c09483c93eaddfda21be9aae8 (diff)
download: bottin-611d182907c3c567f9000c4e0dc00da95e2d64f6.tar.gz
bottin-611d182907c3c567f9000c4e0dc00da95e2d64f6.zip
1 files changed, 4 insertions, 4 deletions
diff --git a/main.go b/main.go
index 7876915..6516724 100644
--- a/main.go
+++ b/main.go
@@ -57,10 +57,10 @@ func main() {
 		"*,dc=gobottin,dc=eu::read:*:* !userpassword",
 		// Anybody can read and modify anything from their own entry
 		"*::read modify:SELF:*",
-		// The admin can add, modify, delete anything
-		"cn=admin,dc=gobottin,dc=eu::add modify delete:*:*",
-		// Members of the admin group can add, modify, delete anything
-		"*:cn=admin,ou=groups,dc=gobottin,dc=eu:add modify delete:*:*",
+		// The admin can read, add, modify, delete anything
+		"cn=admin,dc=gobottin,dc=eu::read add modify delete:*:*",
+		// Members of the admin group can read, add, modify, delete anything
+		"*:cn=admin,ou=groups,dc=gobottin,dc=eu:read add modify delete:*:*",
 	}
 	acl, err := ParseACL(aclStr)
 	if err != nil {
author	Alex Auvolat <alex@adnab.me>	2020-01-26 18:59:28 +0100
committer	Alex Auvolat <alex@adnab.me>	2020-01-26 18:59:28 +0100
commit	611d182907c3c567f9000c4e0dc00da95e2d64f6 (patch)
tree	a40f5ea01722920c0a070ebbaeead4bfe8e70f4b
parent	b768b78406fbc33c09483c93eaddfda21be9aae8 (diff)
download	bottin-611d182907c3c567f9000c4e0dc00da95e2d64f6.tar.gz bottin-611d182907c3c567f9000c4e0dc00da95e2d64f6.zip