acl: Optionally get default ACL's for private/shared namespaces from user's INBOX.

This probably should be the default always, but better not break anyone's
existing setup until v2.3.0. So for now there's a setting for this:
plugin { acl_defaults_from_inbox = yes }

diff --git a/src/plugins/acl/acl-api-private.h b/src/plugins/acl/acl-api-private.h
index 90a83eb13290b9f663ea0241cfc2da06ec6e5451..852dc31aba7100d4469853a787320fff16276317 100644 (file)
--- a/src/plugins/acl/acl-api-private.h
+++ b/src/plugins/acl/acl-api-private.h
@@ -81,6 +81,7 @@ extern const char *const all_mailbox_rights[];
 const char *const *
 acl_backend_mask_get_names(struct acl_backend *backend,
                           const struct acl_mask *mask, pool_t pool);
+struct acl_object *acl_backend_get_default_object(struct acl_backend *backend);
 int acl_backend_get_default_rights(struct acl_backend *backend,
                                   const struct acl_mask **mask_r);
 void acl_rights_write_id(string_t *dest, const struct acl_rights *right);

diff --git a/src/plugins/acl/acl-backend-vfile.c b/src/plugins/acl/acl-backend-vfile.c
index ccf16557fb4072d3992a795c862209c35a32ec31..ce8f2aeb46c35cc57ed8970199381e4420ea0718 100644 (file)
--- a/src/plugins/acl/acl-backend-vfile.c
+++ b/src/plugins/acl/acl-backend-vfile.c
@@ -284,7 +284,7 @@ acl_backend_vfile_object_init_parent(struct acl_backend *backend,
        }
        if (parent == NULL) {
                /* use the root */
-               parent = "";
+               parent = acl_backend_get_default_object(backend)->name;
        }
        return acl_backend_vfile_object_init(backend, parent);
 }

diff --git a/src/plugins/acl/acl-backend.c b/src/plugins/acl/acl-backend.c
index c1b44510f98f41f26ba09dcfab9f1ac55d54894a..3e562a67858f8da7601a3f9cc3542d3ca8f15dda 100644 (file)
--- a/src/plugins/acl/acl-backend.c
+++ b/src/plugins/acl/acl-backend.c
@@ -4,6 +4,7 @@
 #include "hash.h"
 #include "mail-storage-settings.h"
 #include "mailbox-list.h"
+#include "mail-namespace.h"
 #include "mail-user.h"
 #include "acl-cache.h"
 #include "acl-api-private.h"
@@ -157,17 +158,35 @@ unsigned int acl_backend_lookup_right(struct acl_backend *backend,
        return acl_cache_right_lookup(backend->cache, right);
 }
 
+struct acl_object *acl_backend_get_default_object(struct acl_backend *backend)
+{
+       struct mail_user *user = mailbox_list_get_user(backend->list);
+       struct mail_namespace *ns = mailbox_list_get_namespace(backend->list);
+       const char *default_name = "";
+
+       if (backend->default_aclobj != NULL)
+               return backend->default_aclobj;
+
+       /* FIXME: this should probably be made default in v2.3 */
+       if (mail_user_plugin_getenv(user, "acl_defaults_from_inbox") != NULL) {
+               if (ns->type == MAIL_NAMESPACE_TYPE_PRIVATE ||
+                   ns->type == MAIL_NAMESPACE_TYPE_SHARED)
+                       default_name = "INBOX";
+       }
+       backend->default_aclobj =
+               acl_object_init_from_name(backend, default_name);
+       return backend->default_aclobj;
+}
+
 int acl_backend_get_default_rights(struct acl_backend *backend,
                                   const struct acl_mask **mask_r)
 {
-       if (backend->default_aclobj == NULL) {
-               backend->default_aclobj =
-                       acl_object_init_from_name(backend, "");
-       }
-       if (backend->v.object_refresh_cache(backend->default_aclobj) < 0)
+       struct acl_object *aclobj = acl_backend_get_default_object(backend);
+
+       if (backend->v.object_refresh_cache(aclobj) < 0)
                return -1;
 
-       *mask_r = acl_cache_get_my_rights(backend->cache, "");
+       *mask_r = acl_cache_get_my_rights(backend->cache, aclobj->name);
        if (*mask_r == NULL)
                *mask_r = backend->default_aclmask;
        return 0;