Mercurial > dovecot > original-hg > dovecot-1.2

changeset 8423:1f93b1bd8a32 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
IMAP ACLs: Use '#' prefix for global ACLs.
author Timo Sirainen <tss@iki.fi>
date Sun, 16 Nov 2008 14:24:52 +0200
parents 6d97abf20724
children e758515bbbbf
files src/plugins/imap-acl/imap-acl-plugin.c
diffstat 1 files changed, 17 insertions(+), 8 deletions(-) [+]
line wrap: on
line diff
--- a/src/plugins/imap-acl/imap-acl-plugin.c	Sun Nov 16 14:15:13 2008 +0200
+++ b/src/plugins/imap-acl/imap-acl-plugin.c	Sun Nov 16 14:24:52 2008 +0200
@@ -24,6 +24,7 @@
 #define IMAP_ACL_OWNER "owner"
 #define IMAP_ACL_GROUP_PREFIX "$"
 #define IMAP_ACL_GROUP_OVERRIDE_PREFIX "!$"
+#define IMAP_ACL_GLOBAL_PREFIX "#"
 
 struct imap_acl_letter_map {
 	char letter;
@@ -125,6 +126,8 @@
 	if (neg) str_append_c(dest,'-');
 
 	str_truncate(tmp, 0);
+	if (right->global)
+		str_append(tmp, IMAP_ACL_GLOBAL_PREFIX);
 	switch (right->id_type) {
 	case ACL_ID_ANYONE:
 		str_append(tmp, IMAP_ACL_ANYONE);
@@ -306,8 +309,16 @@
 }
 
 static int
-imap_acl_identifier_parse(const char *id, struct acl_rights *rights)
+imap_acl_identifier_parse(const char *id, struct acl_rights *rights,
+			  const char **error_r)
 {
+	if (strncmp(id, IMAP_ACL_GLOBAL_PREFIX,
+		    strlen(IMAP_ACL_GLOBAL_PREFIX)) == 0) {
+		*error_r = t_strdup_printf("Global ACLs can't be modified: %s",
+					   id);
+		return -1;
+	}
+
 	if (strcmp(id, IMAP_ACL_ANYONE) == 0)
 		rights->id_type = ACL_ID_ANYONE;
 	else if (strcmp(id, IMAP_ACL_AUTHENTICATED) == 0)
@@ -349,9 +360,8 @@
 		identifier++;
 	}
 
-	if (imap_acl_identifier_parse(identifier, &update.rights) < 0) {
-		client_send_command_error(cmd,
-			t_strdup_printf("Invalid identifier: %s", identifier));
+	if (imap_acl_identifier_parse(identifier, &update.rights, &error) < 0) {
+		client_send_command_error(cmd, error);
 		return TRUE;
 	}
 	if (imap_acl_letters_parse(rights, &update.rights.rights, &error) < 0) {
@@ -396,7 +406,7 @@
 {
 	struct mailbox *box;
 	struct acl_rights_update update;
-	const char *mailbox, *identifier;
+	const char *mailbox, *identifier, *error;
 
 	if (!client_read_string_args(cmd, 2, &mailbox, &identifier) ||
 	    *identifier == '\0') {
@@ -412,9 +422,8 @@
 		identifier++;
 	}
 
-	if (imap_acl_identifier_parse(identifier, &update.rights) < 0) {
-		client_send_command_error(cmd,
-			t_strdup_printf("Invalid identifier: %s", identifier));
+	if (imap_acl_identifier_parse(identifier, &update.rights, &error) < 0) {
+		client_send_command_error(cmd, error);
 		return TRUE;
 	}