| <?xml version="1.0" encoding="UTF-8"?> |
| |
| <document> |
| <properties> |
| <author email="ersiner">ersiner</author> |
| <title>ApacheDS - ACIItem ABNF Grammar</title> |
| </properties> |
| <body> |
| <p> |
| The ABNF syntax for LDAP ACIItem is as |
| follows:</p> |
| <source>ACIItem = "{" sp aci_identificationTag |
| sep sp aci-precedence |
| sep sp aci-authenticationLevel |
| sep sp aci-itemOrUserFirst sp "}" |
| |
| aci_identificationTag = id-identificationTag msp DirectoryString |
| |
| aci-precedence = id-precedence msp Precedence |
| |
| aci-authenticationLevel = id-authenticationLevel msp AuthenticationLevel |
| |
| aci-itemOrUserFirst = id-itemOrUserFirst msp aci-itemOrUserFirst |
| |
| aci-itemOrUserFirst = aci-itemFirst / aci-userFirst |
| |
| aci-itemFirst = id-itemFirst ":" ItemFirst |
| |
| aci-userFirst = id-userFirst ":" UserFirst |
| |
| ItemFirst = "{" sp aci-protectedItems |
| sep sp aci-itemPermissions sp "}" |
| |
| UserFirst = "{" sp aci-userClasses |
| sep sp aci-userPermissions sp "}" |
| |
| aci-protectedItems = id-protectedItems msp ProtectedItems |
| |
| aci-itemPermissions = id-itemPermissions msp ItemPermissions |
| |
| aci-userClasses = id-userClasses msp UserClasses |
| |
| aci-userPermissions = id-userPermissions msp UserPermissions |
| |
| ProtectedItems = "{" [ sp aci-entry] |
| [ sep sp aci-allUserAttributeTypes ] |
| [ sep sp aci-attributeType ] |
| [ sep sp aci-allAttributeValues ] |
| [ sep sp aci-allUserAttributeTypesAndValues ] |
| [ sep sp aci-attributeValue ] |
| [ sep sp aci-selfValue ] |
| [ sep sp aci-rangeOfValues ] |
| [ sep sp aci-maxValueCount ] |
| [ sep sp aci-maxImmSub ] |
| [ sep sp aci-restrictedBy ] |
| [ sep sp aci-classes ] sp "}" |
| |
| ItemPermissions = "{" [ sp ItemPermission |
| *( sep sp ItemPermission ) sp "}" |
| |
| ItemPermission = "{" [ sp aci-precedence ] |
| sep sp aci-userClasses |
| sep sp aci-grantsAndDenials sp "}" |
| |
| UserClasses = "{" [ sp aci-allUsers ] |
| [ sep sp aci-thisEntry ] |
| [ sep sp aci-Name ] |
| [ sep sp aci-userGroup ] |
| [ sep sp aci-subtree ] sp "}" |
| |
| UserPermissions = "{" [ sp UserPermission |
| *( sep sp UserPermission ) ] sp "}" |
| |
| UserPermission = "{" [ sp aci-precedence ] |
| sep sp aci-protectedItems |
| sep sp aci-grantsAndDenials sp "}" |
| |
| aci-entry = id-entry |
| |
| aci-allUserAttributeTypes = id-allUserAttributeTypes |
| |
| aci-attributeType = id-attributeType msp AttributeTypes |
| |
| aci-allAttributeValues = id-allAttributeValues msp AttributeTypes |
| |
| aci-allUserAttributeTypesAndValues = id-allUserAttributeTypesAndValues |
| |
| aci-attributeValue = id-attributeValue msp AttributeTypeAndValues |
| |
| aci-selfValue = id-selfValue msp AttributeTypes |
| |
| aci-rangeOfValues = id-rangeOfValues msp Filter |
| |
| aci-maxValueCount = id-maxValueCount msp MaxValueCount |
| |
| aci-maxImmSub = id-maxImmSub msp INTEGER |
| |
| aci-restrictedBy = id-restrictedBy msp RestrictedBy |
| |
| aci-classes = id-classes msp Refinement |
| |
| aci-grantsAndDenials = id-grantsAndDenials msp GrantsAndDenials |
| |
| aci-allUsers = id-allUsers |
| |
| aci-thisEntry = id-thisEntry |
| |
| aci-name = id-name msp DistinguishedNames |
| |
| aci-userGroup = id-userGroup msp DistinguishedNames |
| |
| aci-subtree = id-subtree msp SubtreeSpecifications |
| |
| AttributeTypes = "{" sp AttributeType |
| *( sep sp AttributeType ) sp "}" |
| |
| AttributeTypeAndValues = "{" sp AttributeTypeAndValue |
| *( sep sp AttributeTypeAndValue ) sp "}" |
| |
| MaxValueCount = "{" sp AttributeType |
| sep sp INTEGER sp "}" |
| |
| RestrictedBy = "{" sp RestrictedValue |
| *( sep sp RestrictedValue ) sp "}" |
| |
| GrantsAndDenials = "{" [ sp GrantAndDenialsBit |
| *( sep sp GrantAndDenialsBit ) ] sp "}" |
| ; WARNING: There SHALL NOT be any duplicates |
| |
| DistinguishedNames = "{" sp DistinguishedName |
| *( sep sp DistinguishedName ) sp "}" |
| |
| |
| SubtreeSpecifications = "{" sp SubtreeSpecification |
| *( sep sp SubtreeSpecification ) sp "}" |
| |
| RestrictedValue = "{" sp aci-type |
| sep sp aci-valuesIn "}" |
| |
| aci-type = id-type msp AttributeType |
| |
| aci-valuesIn = id-valuesIn msp AttributeType |
| |
| Precedence = INTEGER(1..255) ; FIXME: How shall we show this ? |
| |
| AuthenticationLevel = id-none / id-simple / id-strong |
| |
| GrantAndDenialsBit = id-grantAdd |
| / id-denyAdd |
| / id-grantDiscloseOnError |
| / id-denyDiscloseOnError |
| / id-grantRead |
| / id-denyRead |
| / id-grantRemove |
| / id-denyRemove |
| / id-grantBrowse |
| / id-denyBrowse |
| / id-grantExport |
| / id-denyExport |
| / id-grantImport |
| / id-denyImport |
| / id-grantModify |
| / id-denyModify |
| / id-grantRename |
| / id-denyRename |
| / id-grantReturnDN |
| / id-denyReturnDN |
| / id-grantCompare |
| / id-denyCompare |
| / id-grantFilterMatch |
| / id-denyFilterMatch |
| / id-grantInvoke |
| / id-denyInvoke |
| |
| ;MYRULE |
| ;id-X = "X" |
| </source> |
| <table> |
| <tr> |
| <th> |
| <img src="http://docs.safehaus.org/images/icons/emoticons/information.png"/> |
| </th> |
| <th> |
| <center>The Apache Directory Server way...</center> |
| </th> |
| </tr> |
| <tr> |
| <td/> |
| <td> |
| <p> |
| Apache Directory Server allows a fully flexible version of this grammar where |
| order of named components and amount of spaces (where applicable) do not |
| matter.</p> |
| </td> |
| </tr> |
| </table> |
| </body> |
| </document> |