acl: Fix accessing attributes when mailbox had no READ rights
authorTimo Sirainen <timo.sirainen@open-xchange.com>
Wed, 15 Jan 2020 13:46:47 +0000 (15:46 +0200)
committeraki.tuomi <aki.tuomi@open-xchange.com>
Thu, 23 Jan 2020 12:36:05 +0000 (12:36 +0000)
It's enough to have one of the other rights.

src/plugins/acl/acl-mailbox.c

index 0d3774876a921aea6c132a4c9e43fdb242d644a5..781dcc39928e1727719b79de83ddb62493307566 100644 (file)
@@ -534,6 +534,10 @@ static int acl_mailbox_open_check_acl(struct mailbox *box)
                        ACL_STORAGE_RIGHT_POST : ACL_STORAGE_RIGHT_INSERT;
        } else if (box->deleting) {
                open_right = ACL_STORAGE_RIGHT_DELETE;
+       } else if ((box->flags & MAILBOX_FLAG_ATTRIBUTE_SESSION) != 0) {
+               /* GETMETADATA/SETMETADATA requires "l" right and another one
+                  which is checked afterwards. */
+               open_right = ACL_STORAGE_RIGHT_LOOKUP;
        } else {
                open_right = ACL_STORAGE_RIGHT_READ;
        }
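Review bot: The comment on the new MAILBOX_FLAG_ATTRIBUTE_SESSION branch says the second right "is checked afterwards" without naming where, and that later check is the only thing keeping a lookup-only user out now that READ is no longer the open right. I would name it, e.g. `/* GETMETADATA/SETMETADATA requires "l" plus one other right; the latter is enforced by acl_mailbox_have_extra_attribute_rights() before this function returns. */`. The comment should also state that a mailbox opened with this flag may lack READ, so message access has to stay gated elsewhere (presumably via `abox->no_read_right`, which the next hunk's context sets); that enforcement is not visible here. The function body starts before and continues after this hunk.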
@@ -554,6 +558,10 @@ static int acl_mailbox_open_check_acl(struct mailbox *box)
                if (ret == 0)
                        abox->no_read_right = TRUE;
        }
+       if ((box->flags & MAILBOX_FLAG_ATTRIBUTE_SESSION) != 0) {
+               if (!acl_mailbox_have_extra_attribute_rights(box))
+                       return -1;
+       }
        return 0;
 }
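Review bot: The new `return -1` at the end of acl_mailbox_open_check_acl() sets no error in the lines shown, so the reported failure reason depends entirely on acl_mailbox_have_extra_attribute_rights(), whose body is not in this diff. Because the helper's result is used as a boolean, a failed ACL lookup and a genuine lack of rights both arrive here as "false"; that fails closed, which is right, but the helper should set a distinct storage error for each case so a denial is not reported as an internal error or the reverse. If it does not, set a permission error here before returning. The two nested `if`s could also be one condition: `if ((box->flags & MAILBOX_FLAG_ATTRIBUTE_SESSION) != 0 && !acl_mailbox_have_extra_attribute_rights(box)) return -1;`.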