← Back to branch summary

~ubuntu-branches/ubuntu/wily/dovecot/wily

« back to all changes in this revision

Viewing changes to src/plugins/acl/acl-api.c

  • Committer: Package Import Robot
  • Author(s): Jaldhar H. Vyas
  • Date: 2013-09-09 00:57:32 UTC
  • mfrom: (1.13.11)
  • mto: (4.8.5 experimental) (1.16.1)
  • mto: This revision was merged to the branch mainline in revision 97.
  • Revision ID: package-import@ubuntu.com-20130909005732-dn1eell8srqbhh0e
Tags: upstream-2.2.5
ImportĀ upstreamĀ versionĀ 2.2.5

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/plugins/acl/acl-api.c
1
 
/* Copyright (c) 2006-2012 Dovecot authors, see the included COPYING file */
 
1
/* Copyright (c) 2006-2013 Dovecot authors, see the included COPYING file */
2
2
 
3
3
#include "lib.h"
 
4
#include "array.h"
4
5
#include "str.h"
5
6
#include "hash.h"
 
7
#include "mail-user.h"
 
8
#include "mailbox-list.h"
6
9
#include "acl-cache.h"
7
10
#include "acl-api-private.h"
8
11
 
30
33
{
31
34
        struct acl_backend *backend = aclobj->backend;
32
35
        const struct acl_mask *have_mask;
 
36
        unsigned int read_idx;
33
37
 
34
38
        if (backend->v.object_refresh_cache(aclobj) < 0)
35
39
                return -1;
40
44
                        return -1;
41
45
        }
42
46
 
43
 
        return acl_cache_mask_isset(have_mask, right_idx);
 
47
        if (acl_cache_mask_isset(have_mask, right_idx))
 
48
                return 1;
 
49
 
 
50
        if (mailbox_list_get_user(aclobj->backend->list)->dsyncing) {
 
51
                /* when dsync is running on a shared mailbox, it must be able
 
52
                   to do everything inside it. however, dsync shouldn't touch
 
53
                   mailboxes where user doesn't have any read access, because
 
54
                   that could make them readable on the replica. */
 
55
                read_idx = acl_backend_lookup_right(aclobj->backend,
 
56
                                                    MAIL_ACL_READ);
 
57
                if (acl_cache_mask_isset(have_mask, read_idx))
 
58
                        return 1;
 
59
        }
 
60
        return 0;
44
61
}
45
62
 
46
63
const char *const *
114
131
                                          pool_datastack_create());
115
132
}
116
133
 
 
134
int acl_object_last_changed(struct acl_object *aclobj, time_t *last_changed_r)
 
135
{
 
136
        return aclobj->backend->v.last_changed(aclobj, last_changed_r);
 
137
}
 
138
 
117
139
int acl_object_update(struct acl_object *aclobj,
118
140
                      const struct acl_rights_update *update)
119
141
{
197
219
        }
198
220
}
199
221
 
 
222
const char *acl_rights_get_id(const struct acl_rights *right)
 
223
{
 
224
        string_t *str = t_str_new(32);
 
225
 
 
226
        acl_rights_write_id(str, right);
 
227
        return str_c(str);
 
228
}
 
229
 
 
230
static bool is_standard_right(const char *name)
 
231
{
 
232
        unsigned int i;
 
233
 
 
234
        for (i = 0; all_mailbox_rights[i] != NULL; i++) {
 
235
                if (strcmp(all_mailbox_rights[i], name) == 0)
 
236
                        return TRUE;
 
237
        }
 
238
        return FALSE;
 
239
}
 
240
 
 
241
int acl_rights_update_import(struct acl_rights_update *update,
 
242
                             const char *id, const char *const *rights,
 
243
                             const char **error_r)
 
244
{
 
245
        ARRAY_TYPE(const_string) dest_rights, dest_neg_rights, *dest;
 
246
        unsigned int i, j;
 
247
 
 
248
        if (acl_identifier_parse(id, &update->rights) < 0) {
 
249
                *error_r = t_strdup_printf("Invalid ID: %s", id);
 
250
                return -1;
 
251
        }
 
252
        if (rights == NULL) {
 
253
                update->modify_mode = ACL_MODIFY_MODE_CLEAR;
 
254
                update->neg_modify_mode = ACL_MODIFY_MODE_CLEAR;
 
255
                return 0;
 
256
        }
 
257
 
 
258
        t_array_init(&dest_rights, 8);
 
259
        t_array_init(&dest_neg_rights, 8);
 
260
        for (i = 0; rights[i] != NULL; i++) {
 
261
                const char *right = rights[i];
 
262
 
 
263
                if (right[0] != '-')
 
264
                        dest = &dest_rights;
 
265
                else {
 
266
                        right++;
 
267
                        dest = &dest_neg_rights;
 
268
                }
 
269
                if (strcmp(right, "all") != 0) {
 
270
                        if (*right == ':') {
 
271
                                /* non-standard right */
 
272
                                right++;
 
273
                                array_append(dest, &right, 1);
 
274
                        } else if (is_standard_right(right)) {
 
275
                                array_append(dest, &right, 1);
 
276
                        } else {
 
277
                                *error_r = t_strdup_printf("Invalid right '%s'",
 
278
                                                           right);
 
279
                                return -1;
 
280
                        }
 
281
                } else {
 
282
                        for (j = 0; all_mailbox_rights[j] != NULL; j++)
 
283
                                array_append(dest, &all_mailbox_rights[j], 1);
 
284
                }
 
285
        }
 
286
        if (array_count(&dest_rights) > 0) {
 
287
                array_append_zero(&dest_rights);
 
288
                update->rights.rights = array_idx(&dest_rights, 0);
 
289
        } else if (update->modify_mode == ACL_MODIFY_MODE_REPLACE) {
 
290
                update->modify_mode = ACL_MODIFY_MODE_CLEAR;
 
291
        }
 
292
        if (array_count(&dest_neg_rights) > 0) {
 
293
                array_append_zero(&dest_neg_rights);
 
294
                update->rights.neg_rights = array_idx(&dest_neg_rights, 0);
 
295
        } else if (update->neg_modify_mode == ACL_MODIFY_MODE_REPLACE) {
 
296
                update->neg_modify_mode = ACL_MODIFY_MODE_CLEAR;
 
297
        }
 
298
        return 0;
 
299
}
 
300
 
 
301
const char *acl_rights_export(const struct acl_rights *rights)
 
302
{
 
303
        string_t *str = t_str_new(128);
 
304
 
 
305
        if (rights->rights != NULL)
 
306
                str_append(str, t_strarray_join(rights->rights, " "));
 
307
        if (rights->neg_rights != NULL) {
 
308
                if (str_len(str) > 0)
 
309
                        str_append_c(str, ' ');
 
310
                str_append_c(str, '-');
 
311
                str_append(str, t_strarray_join(rights->neg_rights, " -"));
 
312
        }
 
313
        return str_c(str);
 
314
}
 
315
 
200
316
bool acl_rights_has_nonowner_lookup_changes(const struct acl_rights *rights)
201
317
{
202
318
        const char *const *p;