Mercurial > dovecot > original-hg > dovecot-1.2
changeset 4535:e3f963c1773e HEAD
If .DEFAULT file exists in global ACL root directory, use it as the default
ACLs for all mailboxes.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Fri, 04 Aug 2006 19:28:28 +0300 |
parents | dee19849654b |
children | 24377a486de5 |
files | src/plugins/acl/acl-api-private.h src/plugins/acl/acl-api.c src/plugins/acl/acl-backend.c |
diffstat | 3 files changed, 39 insertions(+), 13 deletions(-) [+] |
line wrap: on
line diff
--- a/src/plugins/acl/acl-api-private.h Thu Aug 03 19:21:58 2006 +0300 +++ b/src/plugins/acl/acl-api-private.h Fri Aug 04 19:28:28 2006 +0300 @@ -31,7 +31,9 @@ struct mail_storage *storage; struct acl_cache *cache; - struct acl_mask *default_rights; + + struct acl_object *default_aclobj; + struct acl_mask *default_aclmask; struct acl_backend_vfuncs v; };
--- a/src/plugins/acl/acl-api.c Thu Aug 03 19:21:58 2006 +0300 +++ b/src/plugins/acl/acl-api.c Fri Aug 04 19:28:28 2006 +0300 @@ -31,22 +31,39 @@ aclobj->backend->v.object_deinit(aclobj); } +static int acl_backend_get_default_rights(struct acl_backend *backend, + const struct acl_mask **mask_r) +{ + if (backend->v.object_refresh_cache(backend->default_aclobj) < 0) + return -1; + + *mask_r = acl_cache_get_my_rights(backend->cache, ""); + if (*mask_r == NULL) + *mask_r = backend->default_aclmask; + return 0; +} + int acl_object_have_right(struct acl_object *aclobj, unsigned int right_idx) { + struct acl_backend *backend = aclobj->backend; const struct acl_mask *have_mask; unsigned int mask_idx; if (*aclobj->name == '\0') { /* we want to look up default rights */ - have_mask = aclobj->backend->default_rights; + if (acl_backend_get_default_rights(backend, &have_mask) < 0) + return -1; } else { - if (aclobj->backend->v.object_refresh_cache(aclobj) < 0) + if (backend->v.object_refresh_cache(aclobj) < 0) return -1; - have_mask = acl_cache_get_my_rights(aclobj->backend->cache, + have_mask = acl_cache_get_my_rights(backend->cache, aclobj->name); - if (have_mask == NULL) - have_mask = aclobj->backend->default_rights; + if (have_mask == NULL) { + if (acl_backend_get_default_rights(backend, + &have_mask) < 0) + return -1; + } } mask_idx = right_idx / CHAR_BIT; @@ -58,6 +75,7 @@ int acl_object_get_my_rights(struct acl_object *aclobj, pool_t pool, const char *const **rights_r) { + struct acl_backend *backend = aclobj->backend; const struct acl_mask *mask; const char *const *names; const char **buf, **rights; @@ -65,21 +83,24 @@ if (*aclobj->name == '\0') { /* we want to look up default rights */ - mask = aclobj->backend->default_rights; + if (acl_backend_get_default_rights(backend, &mask) < 0) + return -1; } else { - if (aclobj->backend->v.object_refresh_cache(aclobj) < 0) + if (backend->v.object_refresh_cache(aclobj) < 0) return -1; - mask = acl_cache_get_my_rights(aclobj->backend->cache, + mask = acl_cache_get_my_rights(backend->cache, aclobj->name); - if (mask == NULL) - mask = aclobj->backend->default_rights; + if (mask == NULL) { + if (acl_backend_get_default_rights(backend, &mask) < 0) + return -1; + } } if (!pool->datastack_pool) t_push(); - names = acl_cache_get_names(aclobj->backend->cache, &names_count); + names = acl_cache_get_names(backend->cache, &names_count); buf = t_new(const char *, (mask->size * CHAR_BIT) + 1); count = 0; for (i = 0, name_idx = 0; i < mask->size; i++) {
--- a/src/plugins/acl/acl-backend.c Thu Aug 03 19:21:58 2006 +0300 +++ b/src/plugins/acl/acl-backend.c Fri Aug 04 19:28:28 2006 +0300 @@ -50,7 +50,7 @@ storage_owner = owner_username != NULL && strcmp(acl_username, owner_username) == 0; - backend->default_rights = + backend->default_aclmask = acl_cache_mask_init(backend->cache, backend->pool, storage_owner ? owner_mailbox_rights : non_owner_mailbox_rights); @@ -63,6 +63,8 @@ qsort(backend->groups, group_count, sizeof(const char *), strcmp_p); } + + backend->default_aclobj = acl_object_init_from_name(backend, ""); return backend; } @@ -72,6 +74,7 @@ *_backend = NULL; + acl_object_deinit(&backend->default_aclobj); acl_cache_deinit(&backend->cache); backend->v.deinit(backend); }