update doc

parent 862fa112
Pipeline #1400 passed with stages
in 10 minutes and 3 seconds
......@@ -613,7 +613,7 @@ The *ACL* engine has some settings as bellow:
# acl engine global options
[ACL]
# Enable extended matching rules (disabled by default)
# Enable extended matching rules (enabled by default)
# If the rule is a string like 'user1 = desk*', it will match any client that
# matches 'desk*' no mater what agent it is attached to.
# If it is a coma separated list of strings like 'user1 = desk*,laptop*' it
......@@ -621,7 +621,7 @@ The *ACL* engine has some settings as bellow:
# If it is a dict like:
# user1 = '{"agents": ["srv*", "www*"], "clients": ["desk*", "laptop*"]}'
# It will also validate against the agent name.
extended = false
extended = true
# If you don't explicitly specify ro/rw grants, what should we assume?
assume_rw = true
# The inheritance order maters, it means depending the order you choose,
......@@ -629,6 +629,10 @@ The *ACL* engine has some settings as bellow:
# By default, ACL inherited by groups will have lower priority, unless you
# choose otherwise
inverse_inheritance = false
# If you specify agents and clients separately, should we link them implicitly?
# For instance, '{"agents": ["agent1", "agent2"], "clients": ["client1", "client2"]}'
# will become: '{"agents": {"agent1": ["client1", "client2"], "agent2": ["client1", "client2"]}}'
implicit_link = true
# Enable 'legacy' behavior
# Since v0.6.0, if you don't specify the agents name explicitly, users will be
# granted on every agents where a client matches user's ACL. If you enable the
......
......@@ -234,7 +234,7 @@ noserverrestore = false
## acl engine global options
#[ACL]
## Enable extended matching rules (disabled by default)
## Enable extended matching rules (enabled by default)
## If the rule is a string like 'user1 = desk*', it will match any client that
## matches 'desk*' no mater what agent it is attached to.
## If it is a coma separated list of strings like 'user1 = desk*,laptop*' it
......@@ -242,7 +242,7 @@ noserverrestore = false
## If it is a dict like:
## user1 = '{"agents": ["srv*", "www*"], "clients": ["desk*", "laptop*"]}'
## It will also validate against the agent name.
#extended = false
#extended = true
## If you don't explicitly specify ro/rw grants, what should we assume?
#assume_rw = true
## Enable 'legacy' behavior
......@@ -256,6 +256,10 @@ noserverrestore = false
## By default, ACL inherited by groups will have lower priority, unless you
## choose otherwise
#inverse_inheritance = false
## If you specify agents and clients separately, should we link them implicitly?
## For instance, '{"agents": ["agent1", "agent2"], "clients": ["client1", "client2"]}'
## will become: '{"agents": {"agent1": ["client1", "client2"], "agent2": ["client1", "client2"]}}'
#implicit_link = true
## basicacl specific options
## Note: in case you leave this section commented, the user 'admin' will have
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment