On 12/12/2011 9:27 AM, Petr Vobornik wrote:
This patch works with assumption that user in self-service mode doesn't
have rights for enrolling/un-enrolling himself to/from group, role, hbac
rule, net group, sudo rule. He can only read the attributes. Therefore
in self service mode all user association facets are set read only.

Checking and working with the actual rights would require significantly
bigger effort.


Pushed to master.

Endi S. Dewata

Freeipa-devel mailing list

Reply via email to