dovecot-1.1: ACL: If we don't have 'w' access, don't allow creat...

dovecot at dovecot.org dovecot at dovecot.org
Mon May 5 00:23:48 EEST 2008 

details:   http://hg.dovecot.org/dovecot-1.1/rev/1c1dc9d1f383
changeset: 7497:1c1dc9d1f383
user:      Timo Sirainen <tss at iki.fi>
date:      Mon May 05 00:18:56 2008 +0300
description:
ACL: If we don't have 'w' access, don't allow creating new keywords.

diffstat:

1 file changed, 31 insertions(+)
src/plugins/acl/acl-mailbox.c |   31 +++++++++++++++++++++++++++++++

diffs (48 lines):

diff -r 036d06b57bd1 -r 1c1dc9d1f383 src/plugins/acl/acl-mailbox.c
--- a/src/plugins/acl/acl-mailbox.c	Sun May 04 23:47:40 2008 +0300
+++ b/src/plugins/acl/acl-mailbox.c	Mon May 05 00:18:56 2008 +0300
@@ -295,6 +295,36 @@ acl_transaction_commit(struct mailbox_tr
 		transaction_commit(ctx, uid_validity_r,
 				   first_saved_uid_r, last_saved_uid_r);
 }
+
+static int
+acl_keywords_create(struct mailbox *box, const char *const keywords[],
+		    struct mail_keywords **keywords_r, bool skip_invalid)
+{
+	struct acl_mailbox *abox = ACL_CONTEXT(box);
+	int ret;
+
+	ret = mailbox_acl_right_lookup(box, ACL_STORAGE_RIGHT_WRITE);
+	if (ret < 0) {
+		if (!skip_invalid)
+			return -1;
+		/* we can't return failure. assume we don't have permissions. */
+		ret = 0;
+	}
+
+	if (ret == 0) {
+		/* no permission to update any flags. just return empty
+		   keywords list. */
+		const char *null = NULL;
+
+		return abox->module_ctx.super.keywords_create(box, &null,
+							      keywords_r,
+							      skip_invalid);
+	}
+
+	return abox->module_ctx.super.keywords_create(box, keywords,
+						      keywords_r, skip_invalid);
+}
+
 struct mailbox *acl_mailbox_open_box(struct mailbox *box)
 {
 	struct acl_mail_storage *astorage = ACL_CONTEXT(box->storage);
@@ -311,6 +341,7 @@ struct mailbox *acl_mailbox_open_box(str
 	box->v.close = acl_mailbox_close;
 	box->v.mail_alloc = acl_mail_alloc;
 	box->v.save_init = acl_save_init;
+	box->v.keywords_create = acl_keywords_create;
 	box->v.copy = acl_copy;
 	box->v.transaction_commit = acl_transaction_commit;
 	MODULE_CONTEXT_SET(box, acl_storage_module, abox);

More information about the dovecot-cvs mailing list