dovecot-2.2: acl: Fixed handling mailbox deletion when only "del...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.2/rev/0660772fb1dd
changeset: 19332:0660772fb1dd
user:      Timo Sirainen <tss at iki.fi>
date:      Mon Oct 26 16:28:51 2015 +0200
description:
acl: Fixed handling mailbox deletion when only "delete" right was available.
So especially when there were no "lookup" or "read" rights.

diffstat:

 src/plugins/acl/acl-attributes.c |  5 +++++
 src/plugins/acl/acl-mailbox.c    |  9 +++------
 2 files changed, 8 insertions(+), 6 deletions(-)

diffs (41 lines):

diff -r ce132257cbb5 -r 0660772fb1dd src/plugins/acl/acl-attributes.c
--- a/src/plugins/acl/acl-attributes.c	Fri Oct 23 15:21:15 2015 +0300
+++ b/src/plugins/acl/acl-attributes.c	Mon Oct 26 16:28:51 2015 +0200
@@ -101,6 +101,11 @@
 {
 	int ret;
 
+	if (box->deleting) {
+		/* deleting attributes during mailbox deletion */
+		return 1;
+	}
+
 	/* RFC 5464:
 
 	   When the ACL extension [RFC4314] is present, users can only set and
diff -r ce132257cbb5 -r 0660772fb1dd src/plugins/acl/acl-mailbox.c
--- a/src/plugins/acl/acl-mailbox.c	Fri Oct 23 15:21:15 2015 +0300
+++ b/src/plugins/acl/acl-mailbox.c	Mon Oct 26 16:28:51 2015 +0200
@@ -184,12 +184,7 @@
 		return -1;
 	}
 
-	/* deletion might internally open the mailbox. let it succeed even if
-	   we don't have READ permission. */
-	abox->skip_acl_checks = TRUE;
-	ret = abox->module_ctx.super.delete_box(box);
-	abox->skip_acl_checks = FALSE;
-	return ret;
+	return abox->module_ctx.super.delete_box(box);
 }
 
 static int
@@ -500,6 +495,8 @@
 	if ((box->flags & MAILBOX_FLAG_SAVEONLY) != 0) {
 		open_right = (box->flags & MAILBOX_FLAG_POST_SESSION) != 0 ?
 			ACL_STORAGE_RIGHT_POST : ACL_STORAGE_RIGHT_INSERT;
+	} else if (box->deleting) {
+		open_right = ACL_STORAGE_RIGHT_DELETE;
 	} else {
 		open_right = ACL_STORAGE_RIGHT_READ;
 	}