Mercurial > dovecot > core-2.2
annotate src/plugins/acl/acl-mailbox.c @ 9434:e374a365521d HEAD
Initial commit for making mail_storage:mailbox_list to be from 1:1 to n:n.
This will allow namespaces to share the same storage and a single namespace
to have multiple storages (multiple mailbox formats). Neither works
currently, and this commit probably breaks some things.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Tue, 02 Jun 2009 22:30:28 -0400 |
| parents | 68db63cc32b3 |
| children | 653183a81b6c |
| rev | line source |
|---|---|
|
8590
b9faf4db2a9f
Updated copyright notices to include year 2009.
Timo Sirainen <tss@iki.fi>
parents:
8433
diff
changeset
|
1 /* Copyright (c) 2006-2009 Dovecot authors, see the included COPYING file */ |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
2 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
3 /* FIXME: If we don't have permission to change flags/keywords, the changes |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
4 should still be stored temporarily for this session. However most clients |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
5 don't care and it's a huge job, so I currently this isn't done. The same |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
6 problem actually exists when opening read-only mailboxes. */ |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
7 #include "lib.h" |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
8 #include "array.h" |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
9 #include "istream.h" |
|
5448
beabd433cdae
Moved delete/rename operations to mailbox_list API. Fixed mbox/maildir to
Timo Sirainen <tss@iki.fi>
parents:
4451
diff
changeset
|
10 #include "mailbox-list-private.h" |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
11 #include "acl-api-private.h" |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
12 #include "acl-plugin.h" |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
13 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
14 #include <sys/stat.h> |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
15 |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
16 #define ACL_MAIL_CONTEXT(obj) \ |
|
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
17 MODULE_CONTEXT(obj, acl_mail_module) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
18 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
19 struct acl_mailbox { |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
20 union mailbox_module_context module_ctx; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
21 struct acl_object *aclobj; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
22 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
23 unsigned int save_hack:1; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
24 }; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
25 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
26 struct acl_transaction_context { |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
27 union mailbox_transaction_module_context module_ctx; |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
28 }; |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
29 |
|
6048
a4c03ced38c3
Fail get_status() lookup if user has no READ right to the mailbox.
Timo Sirainen <tss@iki.fi>
parents:
6045
diff
changeset
|
30 static MODULE_CONTEXT_DEFINE_INIT(acl_mail_module, &mail_module_register); |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
31 static struct acl_transaction_context acl_transaction_failure; |
|
6048
a4c03ced38c3
Fail get_status() lookup if user has no READ right to the mailbox.
Timo Sirainen <tss@iki.fi>
parents:
6045
diff
changeset
|
32 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
33 struct acl_object *acl_mailbox_get_aclobj(struct mailbox *box) |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
34 { |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
35 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
36 |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
37 return abox->aclobj; |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
38 } |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
39 |
|
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
40 int acl_mailbox_right_lookup(struct mailbox *box, unsigned int right_idx) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
41 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
42 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
9434
e374a365521d
Initial commit for making mail_storage:mailbox_list to be from 1:1 to n:n.
Timo Sirainen <tss@iki.fi>
parents:
8726
diff
changeset
|
43 struct acl_mailbox_list *alist = ACL_LIST_CONTEXT(box->list); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
44 int ret; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
45 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
46 ret = acl_object_have_right(abox->aclobj, |
|
9434
e374a365521d
Initial commit for making mail_storage:mailbox_list to be from 1:1 to n:n.
Timo Sirainen <tss@iki.fi>
parents:
8726
diff
changeset
|
47 alist->rights.acl_storage_right_idx[right_idx]); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
48 if (ret > 0) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
49 return 1; |
|
5540
1216c0ebe492
acl_backend is now tied to mailbox_list instead of mail_storage.
Timo Sirainen <tss@iki.fi>
parents:
5450
diff
changeset
|
50 if (ret < 0) { |
|
1216c0ebe492
acl_backend is now tied to mailbox_list instead of mail_storage.
Timo Sirainen <tss@iki.fi>
parents:
5450
diff
changeset
|
51 mail_storage_set_internal_error(box->storage); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
52 return -1; |
|
5540
1216c0ebe492
acl_backend is now tied to mailbox_list instead of mail_storage.
Timo Sirainen <tss@iki.fi>
parents:
5450
diff
changeset
|
53 } |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
54 |
| 5613 | 55 mail_storage_set_error(box->storage, MAIL_ERROR_PERM, |
| 56 MAIL_ERRSTR_NO_PERMISSION); | |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
57 return 0; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
58 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
59 |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
60 static bool acl_is_readonly(struct mailbox *box) |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
61 { |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
62 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
63 enum acl_storage_rights save_right; |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
64 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
65 if (abox->module_ctx.super.is_readonly(box)) |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
66 return TRUE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
67 |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
68 save_right = (box->open_flags & MAILBOX_OPEN_POST_SESSION) != 0 ? |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
69 ACL_STORAGE_RIGHT_POST : ACL_STORAGE_RIGHT_INSERT; |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
70 if (acl_mailbox_right_lookup(box, save_right) > 0) |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
71 return FALSE; |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
72 if (acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_EXPUNGE) > 0) |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
73 return FALSE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
74 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
75 /* Next up is the "shared flag rights" */ |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
76 if (acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE) > 0) |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
77 return FALSE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
78 if ((box->private_flags_mask & MAIL_DELETED) == 0 && |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
79 acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE_DELETED) > 0) |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
80 return FALSE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
81 if ((box->private_flags_mask & MAIL_SEEN) == 0 && |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
82 acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE_SEEN) > 0) |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
83 return FALSE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
84 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
85 return TRUE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
86 } |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
87 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
88 static bool acl_allow_new_keywords(struct mailbox *box) |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
89 { |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
90 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
91 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
92 if (!abox->module_ctx.super.allow_new_keywords(box)) |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
93 return FALSE; |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
94 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
95 return acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE) > 0; |
|
6053
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
96 } |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
97 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
98 static int acl_mailbox_close(struct mailbox *box) |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
99 { |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
100 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
101 |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
102 acl_object_deinit(&abox->aclobj); |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
103 return abox->module_ctx.super.close(box); |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
104 } |
|
e6f3f17da3e7
Return mailbox as READ-WRITE only if mailbox has rights to expunge, insert
Timo Sirainen <tss@iki.fi>
parents:
6048
diff
changeset
|
105 |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
106 static int |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
107 acl_get_write_rights(struct mailbox *box, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
108 bool *flags_r, bool *flag_seen_r, bool *flag_del_r) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
109 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
110 int ret; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
111 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
112 ret = acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
113 if (ret < 0) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
114 return -1; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
115 *flags_r = ret > 0; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
116 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
117 ret = acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE_SEEN); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
118 if (ret < 0) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
119 return -1; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
120 *flag_seen_r = ret > 0; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
121 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
122 ret = acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE_DELETED); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
123 if (ret < 0) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
124 return -1; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
125 *flag_del_r = ret > 0; |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
126 return 0; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
127 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
128 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
129 static void acl_transaction_set_failure(struct mailbox_transaction_context *t) |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
130 { |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
131 MODULE_CONTEXT_SET(t, acl_storage_module, |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
132 &acl_transaction_failure); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
133 } |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
134 |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
135 static void |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
136 acl_mail_update_flags(struct mail *_mail, enum modify_type modify_type, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
137 enum mail_flags flags) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
138 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
139 struct mail_private *mail = (struct mail_private *)_mail; |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
140 union mail_module_context *amail = ACL_MAIL_CONTEXT(mail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
141 bool acl_flags, acl_flag_seen, acl_flag_del; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
142 |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
143 if (acl_get_write_rights(_mail->box, &acl_flags, &acl_flag_seen, |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
144 &acl_flag_del) < 0) { |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
145 acl_transaction_set_failure(_mail->transaction); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
146 return; |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
147 } |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
148 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
149 if (modify_type != MODIFY_REPLACE) { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
150 /* adding/removing flags. just remove the disallowed |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
151 flags from the mask. */ |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
152 if (!acl_flags) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
153 flags &= MAIL_SEEN | MAIL_DELETED; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
154 if (!acl_flag_seen) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
155 flags &= ~MAIL_SEEN; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
156 if (!acl_flag_del) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
157 flags &= ~MAIL_DELETED; |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
158 } else if (!acl_flags || !acl_flag_seen || !acl_flag_del) { |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
159 /* we don't have permission to replace all the flags. */ |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
160 if (!acl_flags && !acl_flag_seen && !acl_flag_del) { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
161 /* no flag changes allowed. ignore silently. */ |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
162 return; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
163 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
164 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
165 /* handle this by first removing the allowed flags and |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
166 then adding the allowed flags */ |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
167 acl_mail_update_flags(_mail, MODIFY_REMOVE, ~flags); |
|
7498
85b48992cc97
ACL: If any of the flag set rights were given, STORE FLAGS allowed replacing
Timo Sirainen <tss@iki.fi>
parents:
7497
diff
changeset
|
168 if (flags != 0) |
|
85b48992cc97
ACL: If any of the flag set rights were given, STORE FLAGS allowed replacing
Timo Sirainen <tss@iki.fi>
parents:
7497
diff
changeset
|
169 acl_mail_update_flags(_mail, MODIFY_ADD, flags); |
|
85b48992cc97
ACL: If any of the flag set rights were given, STORE FLAGS allowed replacing
Timo Sirainen <tss@iki.fi>
parents:
7497
diff
changeset
|
170 return; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
171 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
172 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
173 amail->super.update_flags(_mail, modify_type, flags); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
174 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
175 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
176 static void |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
177 acl_mail_update_keywords(struct mail *_mail, enum modify_type modify_type, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
178 struct mail_keywords *keywords) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
179 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
180 struct mail_private *mail = (struct mail_private *)_mail; |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
181 union mail_module_context *amail = ACL_MAIL_CONTEXT(mail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
182 int ret; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
183 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
184 ret = acl_mailbox_right_lookup(_mail->box, ACL_STORAGE_RIGHT_WRITE); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
185 if (ret <= 0) { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
186 /* if we don't have permission, just silently return success. */ |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
187 if (ret < 0) |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
188 acl_transaction_set_failure(_mail->transaction); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
189 return; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
190 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
191 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
192 amail->super.update_keywords(_mail, modify_type, keywords); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
193 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
194 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
195 static void acl_mail_expunge(struct mail *_mail) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
196 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
197 struct mail_private *mail = (struct mail_private *)_mail; |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
198 union mail_module_context *amail = ACL_MAIL_CONTEXT(mail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
199 int ret; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
200 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
201 ret = acl_mailbox_right_lookup(_mail->box, ACL_STORAGE_RIGHT_EXPUNGE); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
202 if (ret <= 0) { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
203 /* if we don't have permission, silently return success so |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
204 users won't see annoying error messages in case their |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
205 clients try automatic expunging. */ |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
206 if (ret < 0) |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
207 acl_transaction_set_failure(_mail->transaction); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
208 return; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
209 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
210 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
211 amail->super.expunge(_mail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
212 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
213 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
214 static struct mail * |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
215 acl_mail_alloc(struct mailbox_transaction_context *t, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
216 enum mail_fetch_field wanted_fields, |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
217 struct mailbox_header_lookup_ctx *wanted_headers) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
218 { |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
219 struct acl_mailbox *abox = ACL_CONTEXT(t->box); |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
220 union mail_module_context *amail; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
221 struct mail *_mail; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
222 struct mail_private *mail; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
223 |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
224 _mail = abox->module_ctx.super. |
|
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
225 mail_alloc(t, wanted_fields, wanted_headers); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
226 mail = (struct mail_private *)_mail; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
227 |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
228 amail = p_new(mail->pool, union mail_module_context, 1); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
229 amail->super = mail->v; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
230 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
231 mail->v.update_flags = acl_mail_update_flags; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
232 mail->v.update_keywords = acl_mail_update_keywords; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
233 mail->v.expunge = acl_mail_expunge; |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
234 MODULE_CONTEXT_SET_SELF(mail, acl_mail_module, amail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
235 return _mail; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
236 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
237 |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
238 static int acl_save_get_flags(struct mailbox *box, enum mail_flags *flags, |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
239 struct mail_keywords **keywords) |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
240 { |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
241 bool acl_flags, acl_flag_seen, acl_flag_del; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
242 |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
243 if (acl_get_write_rights(box, &acl_flags, &acl_flag_seen, |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
244 &acl_flag_del) < 0) |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
245 return -1; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
246 |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
247 if (!acl_flag_seen) |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
248 *flags &= ~MAIL_SEEN; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
249 if (!acl_flag_del) |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
250 *flags &= ~MAIL_DELETED; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
251 if (!acl_flags) { |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
252 *flags &= MAIL_SEEN | MAIL_DELETED; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
253 *keywords = NULL; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
254 } |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
255 return 0; |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
256 } |
|
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
257 |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
258 static int |
|
8075
8a068f879cd1
mailbox_save_init() API was split to multiple functions.
Timo Sirainen <tss@iki.fi>
parents:
8038
diff
changeset
|
259 acl_save_begin(struct mail_save_context *ctx, struct istream *input) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
260 { |
|
8075
8a068f879cd1
mailbox_save_init() API was split to multiple functions.
Timo Sirainen <tss@iki.fi>
parents:
8038
diff
changeset
|
261 struct mailbox *box = ctx->transaction->box; |
|
8a068f879cd1
mailbox_save_init() API was split to multiple functions.
Timo Sirainen <tss@iki.fi>
parents:
8038
diff
changeset
|
262 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
263 enum acl_storage_rights save_right; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
264 |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
265 save_right = (box->open_flags & MAILBOX_OPEN_POST_SESSION) != 0 ? |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
266 ACL_STORAGE_RIGHT_POST : ACL_STORAGE_RIGHT_INSERT; |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
267 if (acl_mailbox_right_lookup(box, save_right) <= 0) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
268 return -1; |
|
8075
8a068f879cd1
mailbox_save_init() API was split to multiple functions.
Timo Sirainen <tss@iki.fi>
parents:
8038
diff
changeset
|
269 if (acl_save_get_flags(box, &ctx->flags, &ctx->keywords) < 0) |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
270 return -1; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
271 |
|
8075
8a068f879cd1
mailbox_save_init() API was split to multiple functions.
Timo Sirainen <tss@iki.fi>
parents:
8038
diff
changeset
|
272 return abox->module_ctx.super.save_begin(ctx, input); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
273 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
274 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
275 static int |
|
8726
68db63cc32b3
Mail copying API changed to be based on save API. This allows extending it easily in future.
Timo Sirainen <tss@iki.fi>
parents:
8590
diff
changeset
|
276 acl_copy(struct mail_save_context *ctx, struct mail *mail) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
277 { |
|
8726
68db63cc32b3
Mail copying API changed to be based on save API. This allows extending it easily in future.
Timo Sirainen <tss@iki.fi>
parents:
8590
diff
changeset
|
278 struct mailbox_transaction_context *t = ctx->transaction; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
279 struct acl_mailbox *abox = ACL_CONTEXT(t->box); |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
280 enum acl_storage_rights save_right; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
281 |
|
8428
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
282 save_right = (t->box->open_flags & MAILBOX_OPEN_POST_SESSION) != 0 ? |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
283 ACL_STORAGE_RIGHT_POST : ACL_STORAGE_RIGHT_INSERT; |
|
1b7c0a216663
ACLs: Initial support for "post" right.
Timo Sirainen <tss@iki.fi>
parents:
8418
diff
changeset
|
284 if (acl_mailbox_right_lookup(t->box, save_right) <= 0) |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
285 return -1; |
|
8726
68db63cc32b3
Mail copying API changed to be based on save API. This allows extending it easily in future.
Timo Sirainen <tss@iki.fi>
parents:
8590
diff
changeset
|
286 if (acl_save_get_flags(t->box, &ctx->flags, &ctx->keywords) < 0) |
|
6045
840fb333defd
APPEND and COPY ignored s/t/w flag rights.
Timo Sirainen <tss@iki.fi>
parents:
5613
diff
changeset
|
287 return -1; |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
288 |
|
8726
68db63cc32b3
Mail copying API changed to be based on save API. This allows extending it easily in future.
Timo Sirainen <tss@iki.fi>
parents:
8590
diff
changeset
|
289 return abox->module_ctx.super.copy(ctx, mail); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
290 } |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
291 |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
292 static int |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
293 acl_transaction_commit(struct mailbox_transaction_context *ctx, |
|
6512
1a3604c8ee05
mailbox_transaction_commit*() doesn't sync the mailbox anymore, so it
Timo Sirainen <tss@iki.fi>
parents:
6429
diff
changeset
|
294 uint32_t *uid_validity_r, |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
295 uint32_t *first_saved_uid_r, uint32_t *last_saved_uid_r) |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
296 { |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
297 struct acl_mailbox *abox = ACL_CONTEXT(ctx->box); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
298 void *at = ACL_CONTEXT(ctx); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
299 |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
300 if (at != NULL) { |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
301 abox->module_ctx.super.transaction_rollback(ctx); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
302 return -1; |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
303 } |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
304 |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
305 return abox->module_ctx.super. |
|
6512
1a3604c8ee05
mailbox_transaction_commit*() doesn't sync the mailbox anymore, so it
Timo Sirainen <tss@iki.fi>
parents:
6429
diff
changeset
|
306 transaction_commit(ctx, uid_validity_r, |
|
6277
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
307 first_saved_uid_r, last_saved_uid_r); |
|
5f66277bbe40
mail_index_lookup*() can't fail anymore. Changed several APIs not to return
Timo Sirainen <tss@iki.fi>
parents:
6269
diff
changeset
|
308 } |
|
7497
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
309 |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
310 static int |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
311 acl_keywords_create(struct mailbox *box, const char *const keywords[], |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
312 struct mail_keywords **keywords_r, bool skip_invalid) |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
313 { |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
314 struct acl_mailbox *abox = ACL_CONTEXT(box); |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
315 int ret; |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
316 |
|
8418
29b1ec15880a
Added IMAP ACL commands with ability to modify ACLs.
Timo Sirainen <tss@iki.fi>
parents:
8075
diff
changeset
|
317 ret = acl_mailbox_right_lookup(box, ACL_STORAGE_RIGHT_WRITE); |
|
7497
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
318 if (ret < 0) { |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
319 if (!skip_invalid) |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
320 return -1; |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
321 /* we can't return failure. assume we don't have permissions. */ |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
322 ret = 0; |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
323 } |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
324 |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
325 if (ret == 0) { |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
326 /* no permission to update any flags. just return empty |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
327 keywords list. */ |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
328 const char *null = NULL; |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
329 |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
330 return abox->module_ctx.super.keywords_create(box, &null, |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
331 keywords_r, |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
332 skip_invalid); |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
333 } |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
334 |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
335 return abox->module_ctx.super.keywords_create(box, keywords, |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
336 keywords_r, skip_invalid); |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
337 } |
|
1c1dc9d1f383
ACL: If we don't have 'w' access, don't allow creating new keywords.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
338 |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
339 struct mailbox *acl_mailbox_open_box(struct mailbox *box) |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
340 { |
|
9434
e374a365521d
Initial commit for making mail_storage:mailbox_list to be from 1:1 to n:n.
Timo Sirainen <tss@iki.fi>
parents:
8726
diff
changeset
|
341 struct acl_mailbox_list *alist = ACL_LIST_CONTEXT(box->list); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
342 struct acl_mailbox *abox; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
343 |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
344 abox = p_new(box->pool, struct acl_mailbox, 1); |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
345 abox->module_ctx.super = box->v; |
|
9434
e374a365521d
Initial commit for making mail_storage:mailbox_list to be from 1:1 to n:n.
Timo Sirainen <tss@iki.fi>
parents:
8726
diff
changeset
|
346 abox->aclobj = acl_object_init_from_name(alist->rights.backend, |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
347 mailbox_get_name(box)); |
|
8429
633f5ff81767
Fixed OPEN_IGNORE_ACLS flag to work again with imap-acl plugin.
Timo Sirainen <tss@iki.fi>
parents:
8428
diff
changeset
|
348 |
|
633f5ff81767
Fixed OPEN_IGNORE_ACLS flag to work again with imap-acl plugin.
Timo Sirainen <tss@iki.fi>
parents:
8428
diff
changeset
|
349 if ((box->open_flags & MAILBOX_OPEN_IGNORE_ACLS) == 0) { |
|
633f5ff81767
Fixed OPEN_IGNORE_ACLS flag to work again with imap-acl plugin.
Timo Sirainen <tss@iki.fi>
parents:
8428
diff
changeset
|
350 box->v.is_readonly = acl_is_readonly; |
|
633f5ff81767
Fixed OPEN_IGNORE_ACLS flag to work again with imap-acl plugin.
Timo Sirainen <tss@iki.fi>
parents:
8428
diff
changeset
|
351 box->v.allow_new_keywords = acl_allow_new_keywords; |
|
633f5ff81767
Fixed OPEN_IGNORE_ACLS flag to work again with imap-acl plugin.
Timo Sirainen <tss@iki.fi>
parents:
8428
diff
changeset
|
352 box->v.close = acl_mailbox_close; |
|
633f5ff81767
Fixed OPEN_IGNORE_ACLS flag to work again with imap-acl plugin.
Timo Sirainen <tss@iki.fi>
parents:
8428
diff
changeset
|
353 box->v.mail_alloc = acl_mail_alloc; |
|
633f5ff81767
Fixed OPEN_IGNORE_ACLS flag to work again with imap-acl plugin.
Timo Sirainen <tss@iki.fi>
parents:
8428
diff
changeset
|
354 box->v.save_begin = acl_save_begin; |
|
633f5ff81767
Fixed OPEN_IGNORE_ACLS flag to work again with imap-acl plugin.
Timo Sirainen <tss@iki.fi>
parents:
8428
diff
changeset
|
355 box->v.keywords_create = acl_keywords_create; |
|
633f5ff81767
Fixed OPEN_IGNORE_ACLS flag to work again with imap-acl plugin.
Timo Sirainen <tss@iki.fi>
parents:
8428
diff
changeset
|
356 box->v.copy = acl_copy; |
|
633f5ff81767
Fixed OPEN_IGNORE_ACLS flag to work again with imap-acl plugin.
Timo Sirainen <tss@iki.fi>
parents:
8428
diff
changeset
|
357 box->v.transaction_commit = acl_transaction_commit; |
|
633f5ff81767
Fixed OPEN_IGNORE_ACLS flag to work again with imap-acl plugin.
Timo Sirainen <tss@iki.fi>
parents:
8428
diff
changeset
|
358 } |
|
5450
7a6db5ec047d
Better type safety to module_contexts arrays. Already fixed some bugs.
Timo Sirainen <tss@iki.fi>
parents:
5448
diff
changeset
|
359 MODULE_CONTEXT_SET(box, acl_storage_module, abox); |
|
4077
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
360 return box; |
|
73573b9ecb00
Added initial support for ACLs. Currently supports reading the ACLs from files. Since no proper support for shared folders exist yet, this is mostly intended to be used only for preventing users from fully accessing the mailboxes they'd otherwise have full access to. It anyway does support "master user" having different ACLs to mailboxes.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
361 } |