| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849 |
- #
- # Authentication login is matched against the "user" key, and collection's path is matched against the "collection" key.
- # You can use Python's ConfigParser interpolation values %(login)s and %(path)s.
- # You can also get groups from the user regex in the collection with {0}, {1}, etc.
- #
- # For example, for the "user" key, ".+" means "authenticated user" and ".*" means "anybody" (including anonymous users).
- #
- # Section names are only used for naming the rule.
- # Leading or ending slashes are trimmed from collection's path.
- #
- # This means all users starting with "admin" may read any collection
- [admin]
- user: ^admin.*$
- collection: .*
- permission: r
- # This means all users may read and write any collection starting with public.
- # We do so by just not testing against the user string.
- [public]
- user: .*
- collection: ^public(/.+)?$
- permission: rw
- # A little more complex: give read access to users from a domain for all
- # collections of all the users (ie. user@domain.tld can read domain/\*).
- [domain-wide-access]
- user: ^.+@(.+)\..+$
- collection: ^{0}/.+$
- permission: r
- # Allow authenticated user to read all collections
- [allow-everyone-read]
- user: .+
- collection: .*
- permission: r
- # Give write access to owners
- [owner-write]
- user: .+
- collection: ^%(login)s(/.+)?$
- permission: rw
- # Allow CardDavMATE-, CalDavZAP- or InfCloud- WEBclient to work
- # anonymous users have read access to "/" but no files or subdir
- [infcloud]
- user: .*
- collection: /
- permission: r
|
