dovecot-2.2: acl: Fixed handling mailbox deletion when only "del...
dovecot at dovecot.org
dovecot at dovecot.org
Mon Oct 26 14:29:06 UTC 2015
details: http://hg.dovecot.org/dovecot-2.2/rev/0660772fb1dd
changeset: 19332:0660772fb1dd
user: Timo Sirainen <tss at iki.fi>
date: Mon Oct 26 16:28:51 2015 +0200
description:
acl: Fixed handling mailbox deletion when only "delete" right was available.
So especially when there were no "lookup" or "read" rights.
diffstat:
src/plugins/acl/acl-attributes.c | 5 +++++
src/plugins/acl/acl-mailbox.c | 9 +++------
2 files changed, 8 insertions(+), 6 deletions(-)
diffs (41 lines):
diff -r ce132257cbb5 -r 0660772fb1dd src/plugins/acl/acl-attributes.c
--- a/src/plugins/acl/acl-attributes.c Fri Oct 23 15:21:15 2015 +0300
+++ b/src/plugins/acl/acl-attributes.c Mon Oct 26 16:28:51 2015 +0200
@@ -101,6 +101,11 @@
{
int ret;
+ if (box->deleting) {
+ /* deleting attributes during mailbox deletion */
+ return 1;
+ }
+
/* RFC 5464:
When the ACL extension [RFC4314] is present, users can only set and
diff -r ce132257cbb5 -r 0660772fb1dd src/plugins/acl/acl-mailbox.c
--- a/src/plugins/acl/acl-mailbox.c Fri Oct 23 15:21:15 2015 +0300
+++ b/src/plugins/acl/acl-mailbox.c Mon Oct 26 16:28:51 2015 +0200
@@ -184,12 +184,7 @@
return -1;
}
- /* deletion might internally open the mailbox. let it succeed even if
- we don't have READ permission. */
- abox->skip_acl_checks = TRUE;
- ret = abox->module_ctx.super.delete_box(box);
- abox->skip_acl_checks = FALSE;
- return ret;
+ return abox->module_ctx.super.delete_box(box);
}
static int
@@ -500,6 +495,8 @@
if ((box->flags & MAILBOX_FLAG_SAVEONLY) != 0) {
open_right = (box->flags & MAILBOX_FLAG_POST_SESSION) != 0 ?
ACL_STORAGE_RIGHT_POST : ACL_STORAGE_RIGHT_INSERT;
+ } else if (box->deleting) {
+ open_right = ACL_STORAGE_RIGHT_DELETE;
} else {
open_right = ACL_STORAGE_RIGHT_READ;
}
More information about the dovecot-cvs
mailing list