# The user "lukas" can read and write any collection
[admin]
user: lukas
collection: .*
permissions: RrWw

# Allow reading root collection for authenticated users (required for the web interface)
[root]
user: .+
collection:
permissions: R

# Allow reading and writing principal collection (same as user name)
[principal]
user: .+
collection: {user}
permissions: RW

# Allow reading and writing calendars and address books that are direct
# children of the principal collection
[calendars]
user: .+
collection: {user}/[^/]+
permissions: rw