Documentation

Server 3.x

Static Permissions#

You can use a (JSON) file where the mapping between permissions and users are stored.

This file needs to (by default) be stored in /etc/vpn-user-portal/static_permissions.json and has the following format:

{
    "memberOf!employees": [
        "ellis",
        "remi",
        "charlie"
    ],
    "memberOf!admins": [
        "charlie"
    ]
}

This means that the users ellis, remi get the permission memberOf!employees and the user charlie gets both memberOf!employees and memberOf!admins.

These permissions will be available for accessPermissionList, aclPermissionList and adminPermissionList, see Permissions for more information on actually using the permissions.

If the file /etc/vpn-user-portal/static_permissions.json does not exist, there will be no “Static Permissions”.

Configuration#

There are a few configuration options that can be set in /etc/vpn-user-portal/config.php, their default values are shown:

[
    // ...

    'StaticPermissionsConfig' => [
        'permissionsFile' => '/etc/vpn-user-portal/static_permissions.json',
        'defaultAttributeName' => 'memberOf',
        'isLivePermissionSource' => false,
    ],

    // ...
Configuration Key Type Default Description
permissionsFile string /etc/vpn-user-portal/static_permissions.json Location of the JSON file containing the permissions
defaultAttributeName string memberOf If no attribute name “prefix” is specified in the JSON file, e.g. memberOf! this will be the default
isLivePermissionSource bool false Use this source for Live Permissions