Mercurial > dovecot > core-2.2
annotate src/plugins/acl/acl-mailbox.c @ 8428:1b7c0a216663 HEAD
ACLs: Initial support for "post" right.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Sun, 16 Nov 2008 15:20:45 +0200 |
| parents | 29b1ec15880a |
| children | 633f5ff81767 |
| rev | line source |
|---|---|
|
7086
7ed926ed7aa4
Updated copyright notices to include year 2008.
Timo Sirainen <tss@iki.fi>
parents:
6512
diff
changeset
|
1 /* Copyright (c) 2006-2008 Dovecot authors, see the included COPYING file */ |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
2 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
3 /* FIXME: If we don't have permission to change flags/keywords, the changes |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
4 should still be stored temporarily for this session. However most clients |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
5 don't care and it's a huge job, so I currently this isn't done. The same |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
6 problem actually exists when opening read-only mailboxes. */ |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
7 #include "lib.h" |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
8 #include "array.h" |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
9 #include "istream.h" |
|
5448
beabd433cdae
Moved delete/rename operations to mailbox_list API. Fixed mbox/maildir to
Timo Sirainen <tss@iki.fi>
parents:
4451
diff
changeset
|
10 #include "mailbox-list-private.h" |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
11 #include "acl-api-private.h" |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
12 #include "acl-plugin.h" |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
13 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
14 #include <sys/stat.h> |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
15 |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
16 #define ACL_MAIL_CONTEXT(obj) \ |
|
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
17 MODULE_CONTEXT(obj, acl_mail_module) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
18 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
19 struct acl_mailbox { |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
20 union mailbox_module_context module_ctx; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
21 struct acl_object *aclobj; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
22 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
23 unsigned int save_hack:1; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
24 }; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
25 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
26 struct acl_transaction_context { |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
27 union mailbox_transaction_module_context module_ctx; |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
28 }; |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
29 |
|
6048
a4c03ced38c3
Fail get_status() lookup if user has no READ right to the mailbox.
Timo Sirainen <tss@iki.fi>
parents:
6045
diff
changeset
|
30 static MODULE_CONTEXT_DEFINE_INIT(acl_mail_module, &mail_module_register); |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
31 static struct acl_transaction_context acl_transaction_failure; |
|
6048
a4c03ced38c3
Fail get_status() lookup if user has no READ right to the mailbox.
Timo Sirainen <tss@iki.fi>
parents:
6045
diff
changeset
|
32 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
33 struct acl_object *acl_storage_get_default_aclobj(struct mail_storage *storage) |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
34 { |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
35 struct acl_mail_storage *astorage = ACL_CONTEXT(storage); |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
36 |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
37 return astorage->rights.backend->default_aclobj; |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
38 } |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
39 |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
40 struct acl_object *acl_mailbox_get_aclobj(struct mailbox *box) |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
41 { |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
42 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
43 |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
44 return abox->aclobj; |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
45 } |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
46 |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
47 int acl_mailbox_right_lookup(struct mailbox *box, unsigned int right_idx) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
48 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
49 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
50 struct acl_mail_storage *astorage = ACL_CONTEXT(box->storage); |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
51 int ret; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
52 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
53 ret = acl_object_have_right(abox->aclobj, |
|
5540
1216c0ebe492
acl_backend is now tied to mailbox_list instead of mail_storage.
Timo Sirainen <tss@iki.fi>
parents:
5450
diff
changeset
|
54 astorage->rights.acl_storage_right_idx[right_idx]); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
55 if (ret > 0) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
56 return 1; |
|
5540
1216c0ebe492
acl_backend is now tied to mailbox_list instead of mail_storage.
Timo Sirainen <tss@iki.fi>
parents:
5450
diff
changeset
|
57 if (ret < 0) { |
|
1216c0ebe492
acl_backend is now tied to mailbox_list instead of mail_storage.
Timo Sirainen <tss@iki.fi>
parents:
5450
diff
changeset
|
58 mail_storage_set_internal_error(box->storage); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
59 return -1; |
|
5540
1216c0ebe492
acl_backend is now tied to mailbox_list instead of mail_storage.
Timo Sirainen <tss@iki.fi>
parents:
5450
diff
changeset
|
60 } |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
61 |
| 5613 | 62 mail_storage_set_error(box->storage, MAIL_ERROR_PERM, |
| 63 MAIL_ERRSTR_NO_PERMISSION); | |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
64 return 0; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
65 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
66 |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
67 static bool acl_is_readonly(struct mailbox *box) |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
68 { |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
69 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
70 enum acl_storage_rights save_right; |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
71 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
72 if (abox->module_ctx.super.is_readonly(box)) |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
73 return TRUE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
74 |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
75 save_right = (box->open_flags & MAILBOX_OPEN_POST_SESSION) != 0 ? |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
76 ACL_STORAGE_RIGHT_POST : ACL_STORAGE_RIGHT_INSERT; |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
77 if (acl_mailbox_right_lookup(box, save_right) > 0) |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
78 return FALSE; |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
79 if (acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_EXPUNGE) > 0) |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
80 return FALSE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
81 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
82 /* Next up is the "shared flag rights" */ |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
83 if (acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE) > 0) |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
84 return FALSE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
85 if ((box->private_flags_mask & MAIL_DELETED) == 0 && |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
86 acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE_DELETED) > 0) |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
87 return FALSE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
88 if ((box->private_flags_mask & MAIL_SEEN) == 0 && |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
89 acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE_SEEN) > 0) |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
90 return FALSE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
91 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
92 return TRUE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
93 } |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
94 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
95 static bool acl_allow_new_keywords(struct mailbox *box) |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
96 { |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
97 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
98 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
99 if (!abox->module_ctx.super.allow_new_keywords(box)) |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
100 return FALSE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
101 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
102 return acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE) > 0; |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
103 } |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
104 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
105 static int acl_mailbox_close(struct mailbox *box) |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
106 { |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
107 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
108 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
109 acl_object_deinit(&abox->aclobj); |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
110 return abox->module_ctx.super.close(box); |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
111 } |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
112 |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
113 static int |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
114 acl_get_write_rights(struct mailbox *box, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
115 bool *flags_r, bool *flag_seen_r, bool *flag_del_r) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
116 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
117 int ret; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
118 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
119 ret = acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
120 if (ret < 0) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
121 return -1; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
122 *flags_r = ret > 0; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
123 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
124 ret = acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE_SEEN); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
125 if (ret < 0) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
126 return -1; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
127 *flag_seen_r = ret > 0; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
128 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
129 ret = acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE_DELETED); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
130 if (ret < 0) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
131 return -1; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
132 *flag_del_r = ret > 0; |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
133 return 0; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
134 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
135 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
136 static void acl_transaction_set_failure(struct mailbox_transaction_context *t) |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
137 { |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
138 MODULE_CONTEXT_SET(t, acl_storage_module, |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
139 &acl_transaction_failure); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
140 } |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
141 |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
142 static void |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
143 acl_mail_update_flags(struct mail *_mail, enum modify_type modify_type, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
144 enum mail_flags flags) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
145 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
146 struct mail_private *mail = (struct mail_private *)_mail; |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
147 union mail_module_context *amail = ACL_MAIL_CONTEXT(mail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
148 bool acl_flags, acl_flag_seen, acl_flag_del; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
149 |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
150 if (acl_get_write_rights(_mail->box, &acl_flags, &acl_flag_seen, |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
151 &acl_flag_del) < 0) { |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
152 acl_transaction_set_failure(_mail->transaction); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
153 return; |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
154 } |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
155 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
156 if (modify_type != MODIFY_REPLACE) { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
157 /* adding/removing flags. just remove the disallowed |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
158 flags from the mask. */ |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
159 if (!acl_flags) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
160 flags &= MAIL_SEEN | MAIL_DELETED; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
161 if (!acl_flag_seen) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
162 flags &= ~MAIL_SEEN; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
163 if (!acl_flag_del) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
164 flags &= ~MAIL_DELETED; |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
165 } else if (!acl_flags || !acl_flag_seen || !acl_flag_del) { |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
166 /* we don't have permission to replace all the flags. */ |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
167 if (!acl_flags && !acl_flag_seen && !acl_flag_del) { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
168 /* no flag changes allowed. ignore silently. */ |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
169 return; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
170 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
171 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
172 /* handle this by first removing the allowed flags and |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
173 then adding the allowed flags */ |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
174 acl_mail_update_flags(_mail, MODIFY_REMOVE, ~flags); |
|
7498
85b48992cc97
ACL: If any of the flag set rights were given, STORE FLAGS allowed replacing
Timo Sirainen <tss@iki.fi>
parents:
7497
diff
changeset
|
175 if (flags != 0) |
|
85b48992cc97
ACL: If any of the flag set rights were given, STORE FLAGS allowed replacing
Timo Sirainen <tss@iki.fi>
parents:
7497
diff
changeset
|
176 acl_mail_update_flags(_mail, MODIFY_ADD, flags); |
|
85b48992cc97
ACL: If any of the flag set rights were given, STORE FLAGS allowed replacing
Timo Sirainen <tss@iki.fi>
parents:
7497
diff
changeset
|
177 return; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
178 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
179 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
180 amail->super.update_flags(_mail, modify_type, flags); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
181 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
182 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
183 static void |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
184 acl_mail_update_keywords(struct mail *_mail, enum modify_type modify_type, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
185 struct mail_keywords *keywords) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
186 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
187 struct mail_private *mail = (struct mail_private *)_mail; |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
188 union mail_module_context *amail = ACL_MAIL_CONTEXT(mail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
189 int ret; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
190 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
191 ret = acl_mailbox_right_lookup(_mail->box, ACL_STORAGE_RIGHT_WRITE); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
192 if (ret <= 0) { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
193 /* if we don't have permission, just silently return success. */ |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
194 if (ret < 0) |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
195 acl_transaction_set_failure(_mail->transaction); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
196 return; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
197 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
198 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
199 amail->super.update_keywords(_mail, modify_type, keywords); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
200 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
201 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
202 static void acl_mail_expunge(struct mail *_mail) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
203 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
204 struct mail_private *mail = (struct mail_private *)_mail; |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
205 union mail_module_context *amail = ACL_MAIL_CONTEXT(mail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
206 int ret; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
207 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
208 ret = acl_mailbox_right_lookup(_mail->box, ACL_STORAGE_RIGHT_EXPUNGE); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
209 if (ret <= 0) { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
210 /* if we don't have permission, silently return success so |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
211 users won't see annoying error messages in case their |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
212 clients try automatic expunging. */ |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
213 if (ret < 0) |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
214 acl_transaction_set_failure(_mail->transaction); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
215 return; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
216 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
217 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
218 amail->super.expunge(_mail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
219 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
220 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
221 static struct mail * |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
222 acl_mail_alloc(struct mailbox_transaction_context *t, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
223 enum mail_fetch_field wanted_fields, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
224 struct mailbox_header_lookup_ctx *wanted_headers) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
225 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
226 struct acl_mailbox *abox = ACL_CONTEXT(t->box); |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
227 union mail_module_context *amail; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
228 struct mail *_mail; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
229 struct mail_private *mail; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
230 |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
231 _mail = abox->module_ctx.super. |
|
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
232 mail_alloc(t, wanted_fields, wanted_headers); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
233 mail = (struct mail_private *)_mail; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
234 |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
235 amail = p_new(mail->pool, union mail_module_context, 1); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
236 amail->super = mail->v; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
237 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
238 mail->v.update_flags = acl_mail_update_flags; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
239 mail->v.update_keywords = acl_mail_update_keywords; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
240 mail->v.expunge = acl_mail_expunge; |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
241 MODULE_CONTEXT_SET_SELF(mail, acl_mail_module, amail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
242 return _mail; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
243 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
244 |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
245 static int acl_save_get_flags(struct mailbox *box, enum mail_flags *flags, |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
246 struct mail_keywords **keywords) |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
247 { |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
248 bool acl_flags, acl_flag_seen, acl_flag_del; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
249 |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
250 if (acl_get_write_rights(box, &acl_flags, &acl_flag_seen, |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
251 &acl_flag_del) < 0) |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
252 return -1; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
253 |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
254 if (!acl_flag_seen) |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
255 *flags &= ~MAIL_SEEN; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
256 if (!acl_flag_del) |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
257 *flags &= ~MAIL_DELETED; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
258 if (!acl_flags) { |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
259 *flags &= MAIL_SEEN | MAIL_DELETED; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
260 *keywords = NULL; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
261 } |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
262 return 0; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
263 } |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
264 |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
265 static int |
|
8075
8a068f879cd1
mailbox_save_init() API was split to multiple functions.
Timo Sirainen <tss@iki.fi>
parents:
8038
diff
changeset
|
266 acl_save_begin(struct mail_save_context *ctx, struct istream *input) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
267 { |
|
8075
8a068f879cd1
mailbox_save_init() API was split to multiple functions.
Timo Sirainen <tss@iki.fi>
parents:
8038
diff
changeset
|
268 struct mailbox *box = ctx->transaction->box; |
|
8a068f879cd1
mailbox_save_init() API was split to multiple functions.
Timo Sirainen <tss@iki.fi>
parents:
8038
diff
changeset
|
269 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
270 enum acl_storage_rights save_right; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
271 |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
272 save_right = (box->open_flags & MAILBOX_OPEN_POST_SESSION) != 0 ? |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
273 ACL_STORAGE_RIGHT_POST : ACL_STORAGE_RIGHT_INSERT; |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
274 if (acl_mailbox_right_lookup(box, save_right) <= 0) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
275 return -1; |
|
8075
8a068f879cd1
mailbox_save_init() API was split to multiple functions.
Timo Sirainen <tss@iki.fi>
parents:
8038
diff
changeset
|
276 if (acl_save_get_flags(box, &ctx->flags, &ctx->keywords) < 0) |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
277 return -1; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
278 |
|
8075
8a068f879cd1
mailbox_save_init() API was split to multiple functions.
Timo Sirainen <tss@iki.fi>
parents:
8038
diff
changeset
|
279 return abox->module_ctx.super.save_begin(ctx, input); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
280 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
281 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
282 static int |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
283 acl_copy(struct mailbox_transaction_context *t, struct mail *mail, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
284 enum mail_flags flags, struct mail_keywords *keywords, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
285 struct mail *dest_mail) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
286 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
287 struct acl_mailbox *abox = ACL_CONTEXT(t->box); |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
288 enum acl_storage_rights save_right; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
289 |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
290 save_right = (t->box->open_flags & MAILBOX_OPEN_POST_SESSION) != 0 ? |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
291 ACL_STORAGE_RIGHT_POST : ACL_STORAGE_RIGHT_INSERT; |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
292 if (acl_mailbox_right_lookup(t->box, save_right) <= 0) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
293 return -1; |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
294 if (acl_save_get_flags(t->box, &flags, &keywords) < 0) |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
295 return -1; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
296 |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
297 return abox->module_ctx.super.copy(t, mail, flags, keywords, dest_mail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
298 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
299 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
300 static int |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
301 acl_transaction_commit(struct mailbox_transaction_context *ctx, |
|
6512
1a3604c8ee05
mailbox_transaction_commit*() doesn't sync the mailbox anymore, so it
Timo Sirainen <tss@iki.fi>
parents:
6429
diff
changeset
|
302 uint32_t *uid_validity_r, |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
303 uint32_t *first_saved_uid_r, uint32_t *last_saved_uid_r) |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
304 { |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
305 struct acl_mailbox *abox = ACL_CONTEXT(ctx->box); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
306 void *at = ACL_CONTEXT(ctx); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
307 |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
308 if (at != NULL) { |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
309 abox->module_ctx.super.transaction_rollback(ctx); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
310 return -1; |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
311 } |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
312 |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
313 return abox->module_ctx.super. |
|
6512
1a3604c8ee05
mailbox_transaction_commit*() doesn't sync the mailbox anymore, so it
Timo Sirainen <tss@iki.fi>
parents:
6429
diff
changeset
|
314 transaction_commit(ctx, uid_validity_r, |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
315 first_saved_uid_r, last_saved_uid_r); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
316 } |
|
7497
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
317 |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
318 static int |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
319 acl_keywords_create(struct mailbox *box, const char *const keywords[], |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
320 struct mail_keywords **keywords_r, bool skip_invalid) |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
321 { |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
322 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
323 int ret; |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
324 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
325 ret = acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE); |
|
7497
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
326 if (ret < 0) { |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
327 if (!skip_invalid) |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
328 return -1; |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
329 /* we can't return failure. assume we don't have permissions. */ |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
330 ret = 0; |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
331 } |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
332 |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
333 if (ret == 0) { |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
334 /* no permission to update any flags. just return empty |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
335 keywords list. */ |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
336 const char *null = NULL; |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
337 |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
338 return abox->module_ctx.super.keywords_create(box, &null, |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
339 keywords_r, |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
340 skip_invalid); |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
341 } |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
342 |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
343 return abox->module_ctx.super.keywords_create(box, keywords, |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
344 keywords_r, skip_invalid); |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
345 } |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
346 |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
347 struct mailbox *acl_mailbox_open_box(struct mailbox *box) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
348 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
349 struct acl_mail_storage *astorage = ACL_CONTEXT(box->storage); |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
350 struct acl_mailbox *abox; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
351 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
352 abox = p_new(box->pool, struct acl_mailbox, 1); |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
353 abox->module_ctx.super = box->v; |
|
5540
1216c0ebe492
acl_backend is now tied to mailbox_list instead of mail_storage.
Timo Sirainen <tss@iki.fi>
parents:
5450
diff
changeset
|
354 abox->aclobj = acl_object_init_from_name(astorage->rights.backend, |
|
1216c0ebe492
acl_backend is now tied to mailbox_list instead of mail_storage.
Timo Sirainen <tss@iki.fi>
parents:
5450
diff
changeset
|
355 box->storage, |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
356 mailbox_get_name(box)); |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
357 |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
358 box->v.is_readonly = acl_is_readonly; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
359 box->v.allow_new_keywords = acl_allow_new_keywords; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
360 box->v.close = acl_mailbox_close; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
361 box->v.mail_alloc = acl_mail_alloc; |
|
8075
8a068f879cd1
mailbox_save_init() API was split to multiple functions.
Timo Sirainen <tss@iki.fi>
parents:
8038
diff
changeset
|
362 box->v.save_begin = acl_save_begin; |
|
7497
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
363 box->v.keywords_create = acl_keywords_create; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
364 box->v.copy = acl_copy; |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
365 box->v.transaction_commit = acl_transaction_commit; |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
366 MODULE_CONTEXT_SET(box, acl_storage_module, abox); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
367 return box; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
368 } |