Mercurial > dovecot > original-hg > dovecot-1.2
changeset 7497:1c1dc9d1f383 HEAD
ACL: If we don't have 'w' access, don't allow creating new keywords.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 05 May 2008 00:18:56 +0300 |
parents | 036d06b57bd1 |
children | 85b48992cc97 |
files | src/plugins/acl/acl-mailbox.c |
diffstat | 1 files changed, 31 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/src/plugins/acl/acl-mailbox.c Sun May 04 23:47:40 2008 +0300 +++ b/src/plugins/acl/acl-mailbox.c Mon May 05 00:18:56 2008 +0300 @@ -295,6 +295,36 @@ transaction_commit(ctx, uid_validity_r, first_saved_uid_r, last_saved_uid_r); } + +static int +acl_keywords_create(struct mailbox *box, const char *const keywords[], + struct mail_keywords **keywords_r, bool skip_invalid) +{ + struct acl_mailbox *abox = ACL_CONTEXT(box); + int ret; + + ret = mailbox_acl_right_lookup(box, ACL_STORAGE_RIGHT_WRITE); + if (ret < 0) { + if (!skip_invalid) + return -1; + /* we can't return failure. assume we don't have permissions. */ + ret = 0; + } + + if (ret == 0) { + /* no permission to update any flags. just return empty + keywords list. */ + const char *null = NULL; + + return abox->module_ctx.super.keywords_create(box, &null, + keywords_r, + skip_invalid); + } + + return abox->module_ctx.super.keywords_create(box, keywords, + keywords_r, skip_invalid); +} + struct mailbox *acl_mailbox_open_box(struct mailbox *box) { struct acl_mail_storage *astorage = ACL_CONTEXT(box->storage); @@ -311,6 +341,7 @@ box->v.close = acl_mailbox_close; box->v.mail_alloc = acl_mail_alloc; box->v.save_init = acl_save_init; + box->v.keywords_create = acl_keywords_create; box->v.copy = acl_copy; box->v.transaction_commit = acl_transaction_commit; MODULE_CONTEXT_SET(box, acl_storage_module, abox);