This patch works with assumption that user in self-service mode doesn't
have rights for enrolling/un-enrolling himself to/from group, role, hbac
rule, net group, sudo rule. He can only read the attributes. Therefore
in self service mode all user association facets are set read only.
Checking
On 12/12/2011 9:27 AM, Petr Vobornik wrote:
This patch works with assumption that user in self-service mode doesn't
have rights for enrolling/un-enrolling himself to/from group, role, hbac
rule, net group, sudo rule. He can only read the attributes. Therefore
in self service mode all user
