Mercurial > dovecot > original-hg > dovecot-1.2
changeset 8420:f60d9dd18722 HEAD
acl: Always give admin right to owner in private mailboxes.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sun, 16 Nov 2008 13:48:10 +0200 |
parents | b8a3b8d6c60c |
children | 2df1b964d32a |
files | src/plugins/acl/acl-backend-vfile.c |
diffstat | 1 files changed, 18 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/plugins/acl/acl-backend-vfile.c Sun Nov 16 13:41:17 2008 +0200 +++ b/src/plugins/acl/acl-backend-vfile.c Sun Nov 16 13:48:10 2008 +0200 @@ -704,8 +704,10 @@ static void acl_backend_vfile_cache_rebuild(struct acl_object_vfile *aclobj) { + static const char *const admin_rights[] = { MAIL_ACL_ADMIN, NULL }; + struct mail_namespace *ns; struct acl_object *_aclobj = &aclobj->aclobj; - struct acl_rights_update ru; + struct acl_rights_update ru, ru2; const struct acl_rights *rights; unsigned int i, count; bool first_global = TRUE; @@ -715,6 +717,12 @@ if (!array_is_created(&aclobj->rights)) return; + ns = mailbox_list_get_namespace(_aclobj->backend->list); + memset(&ru2, 0, sizeof(ru2)); + ru2.modify_mode = ACL_MODIFY_MODE_ADD; + ru2.rights.id_type = ACL_ID_OWNER; + ru2.rights.rights = admin_rights; + memset(&ru, 0, sizeof(ru)); rights = array_get(&aclobj->rights, &count); for (i = 0; i < count; i++) { @@ -731,9 +739,18 @@ can't mess things up via them */ first_global = FALSE; ru.neg_modify_mode = ACL_MODIFY_MODE_REPLACE; + + if (ns->type == NAMESPACE_PRIVATE) { + /* make sure owner has admin rights + (at least before global ACLs are applied) */ + acl_cache_update(_aclobj->backend->cache, + _aclobj->name, &ru2); + } } acl_cache_update(_aclobj->backend->cache, _aclobj->name, &ru); } + if (first_global && ns->type == NAMESPACE_PRIVATE) + acl_cache_update(_aclobj->backend->cache, _aclobj->name, &ru2); } static int acl_backend_vfile_object_refresh_cache(struct acl_object *_aclobj)