ACL template
The ACL template defines the access level of user action.
The name that is used in the action refACL
(reference ACL) is required and
must be unique. This name cannot contain any of these special characters:
| / \ [ ] : ; | = , + * < > @ "
To configure:
host
: This is the host name. If this is not specified, then all hosts are included.version
: This is the Cloverleaf version, for example,19.1
. If this is not specified, then all versions are included.site
: This is the site name. If this is not specified, then all sites are included.masterSiteOnly
. The default isfalse
. Iftrue
, then do not specifysite
.
For example, to grant lookup table permission on sites named helloworld
for all host servers whose version is 19.1
, you can use:
<acl name="helloworld" versions="19.1" sites="helloworld">
<user name="sample_user">
<action tool="LookupTable" refACL="helloworld" />
</user>
Roles and users
To configure roles and users:
name
: This is required and must be unique.roles
: This can be more than one role, separated by a comma.remark
: This is an added description.
For actions:
deleted
: The default isfalse
. When the level and tool name are the same,actions
, or one action, can be deleted, as it is created/updated by default.rights
:P
: This indicates "grant" (default).N
: This indicates "deny".
actions
: Actions are separated by a comma.This relates to buttons and actions in the tool. For example,
open
opens a tool,start
starts a thread, andstop
stops the thread.tool
: The tool name in the GUI. This is case-insensitive, for example,Netmonitor
.refACL
: The reference ID of the ACL.