#4106 [RFE] Allow using targetattrfilter in permissions
Opened 10 years ago by pviktori. Modified 7 years ago

Split from https://fedorahosted.org/freeipa/ticket/4074

We should allow management of value-based ACIs via permissions.


There was an increased interest for this feature, we should look at it at FreeIPA 4.2 scope.

Syntax explained in DS documentation.

Note that this one is more complex feature than #4054 and thus should not be done as the first.

The FreeIPA 4.2 was already shaped (see [[milestone:FreeIPA 4.2]] milestone), this does not fit - there are many requests/use cases for this ACI. Pushing out.

If anyone is willing to help and contribute to this one, please let us know!

Moving to 4.4 Backlog - it would be nice to do this one if there is time.

Metadata Update from @pviktori:
- Issue assigned to mbabinsk
- Issue set to the milestone: FreeIPA 4.5 backlog

7 years ago

Login to comment on this ticket.

Metadata