0a492a00b1
New permissions: R: read collections without tag r: read collections with tag and included objects W: write and delete collections without tag w: write and delete collection with tag and included objects
49 lines
1.3 KiB
Plaintext
49 lines
1.3 KiB
Plaintext
# -*- mode: conf -*-
|
|
# vim:ft=cfg
|
|
|
|
# Rights management file for Radicale - A simple calendar server
|
|
#
|
|
# The default path for this file is /etc/radicale/rights
|
|
# The path can be specified in the rights section of the configuration file
|
|
#
|
|
# Some examples are included in Radicale's documentation, see:
|
|
# http://radicale.org/rights/
|
|
#
|
|
# This file gives independant examples to help users write their own
|
|
# configuration files. Using these examples together in the same configuration
|
|
# file is meaningless.
|
|
#
|
|
# The first rule matching both user and collection patterns will be returned.
|
|
|
|
# This means all users starting with "admin" may read any collection
|
|
[admin]
|
|
user: admin.*
|
|
collection: .*
|
|
permissions: Rr
|
|
|
|
# This means all users may read and write any collection starting with public.
|
|
# We do so by just not testing against the user string.
|
|
[public]
|
|
user: .*
|
|
collection: public(/.+)?
|
|
permissions: RrWw
|
|
|
|
# A little more complex: give read access to users from a domain for all
|
|
# collections of all the users (ie. user@domain.tld can read domain/*).
|
|
[domain-wide-access]
|
|
user: .+@(.+)\..+
|
|
collection: {0}/.+
|
|
permissions: Rr
|
|
|
|
# Allow authenticated user to read all collections
|
|
[allow-everyone-read]
|
|
user: .+
|
|
collection: .*
|
|
permissions: Rr
|
|
|
|
# Give write access to owners
|
|
[owner-write]
|
|
user: .+
|
|
collection: %(login)s/.*
|
|
permissions: Ww
|