#include "array.h"
#include "str.h"
#include "dict.h"
+#include "settings.h"
#include "mail-user.h"
#include "mail-namespace.h"
#include "acl-api-private.h"
const char **error_r)
{
struct acl_lookup_dict *dict;
- const char *uri;
dict = i_new(struct acl_lookup_dict, 1);
dict->user = user;
event_add_category(dict->event, &event_category_acl);
event_set_append_log_prefix(dict->event, "acl: ");
-
- uri = mail_user_plugin_getenv(user, "acl_shared_dict");
- if (uri != NULL) {
- struct dict_legacy_settings dict_set;
-
- i_zero(&dict_set);
- dict_set.base_dir = user->set->base_dir;
- dict_set.event_parent = user->event;
- if (dict_init_legacy(uri, &dict_set, &dict->dict, error_r) < 0)
- return -1;
- } else {
- e_debug(dict->event, "No acl_shared_dict setting - "
- "shared mailbox listing is disabled");
- }
- return 0;
+ event_set_ptr(dict->event, SETTINGS_EVENT_FILTER_NAME,
+ "acl_sharing_map");
+ return dict_init_auto(dict->event, &dict->dict, error_r);
}
void acl_lookup_dict_deinit(struct acl_lookup_dict **_dict)
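Review bot: `acl_lookup_dict_init()` now returns the result of `dict_init_auto()` unchanged at the added `return`, so its contract grows from 0/-1 to three states, and nothing in the hunk documents that. The caller hunk further down this page treats `ret == 0` as "listing disabled" and formats `error` with `%s`, which is only safe if `dict_init_auto()` always sets `*error_r` when it returns 0. That is not visible here and should be confirmed, because `error` is declared without an initializer in that caller. I would add a comment above the function such as `/* Returns 1 if the acl_sharing_map dict was initialized, 0 if none is configured (error_r holds the reason), -1 on failure. */`. The function's signature starts outside the hunk.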
static int acl_lookup_dict_rebuild_add_backend(struct mail_namespace *ns,
ARRAY_TYPE(const_string) *ids)
{
- struct acl_mailbox_list *alist = ACL_LIST_CONTEXT(ns->list);
struct acl_backend *backend;
struct acl_mailbox_list_context *ctx;
struct acl_object *aclobj;
int ret = 0;
if ((ns->flags & NAMESPACE_FLAG_NOACL) != 0 || ns->owner == NULL ||
- alist == NULL || alist->ignore_acls)
+ ACL_LIST_CONTEXT(ns->list) == NULL)
return 0;
- id = t_str_new(128);
backend = acl_mailbox_list_get_backend(ns->list);
+ if (backend->set->acl_ignore)
+ return 0;
+
+ id = t_str_new(128);
ctx = acl_backend_nonowner_lookups_iter_init(backend);
while (acl_backend_nonowner_lookups_iter_next(ctx, &name)) {
aclobj = acl_object_init_from_name(backend, name);
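Review bot: The added `if (backend->set->acl_ignore)` dereferences the result of `acl_mailbox_list_get_backend(ns->list)` with no check of its own; the only guard left in the condition above it is `ACL_LIST_CONTEXT(ns->list) == NULL`. Judging by the init hunks later on the page, a list context appears to be created only after the backend was initialized, so this is probably an invariant rather than a bug, but it should be stated, e.g. `i_assert(backend != NULL);` before the test. The same `backend->set->acl_ignore` test replaces `alist->ignore_acls` in the two following hunks, where the declaration of `backend` lies outside the visible lines. Because this flag decides whether ACLs are consulted at all, a one-line comment saying that it now comes from the backend's settings rather than from the removed `acl_ignore_namespace` matching would help whoever audits the skip paths.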
struct acl_object *aclobj;
int ret, ret2;
- if (alist->ignore_acls)
+ if (backend->set->acl_ignore)
return 1;
aclobj = !parent ?
}
/* If ACLs are ignored for this namespace don't try fast listing. */
- if (alist->ignore_acls)
+ if (backend->set->acl_ignore)
return;
/* if this namespace's default rights contain LOOKUP, we'll need to
}
}
+static bool acl_list_init_backend(struct mailbox_list *list,
+ struct acl_backend **backend_r)
+{
+ const char *error;
+ int ret;
+
+ if ((ret = acl_backend_init_auto(list, backend_r, &error)) < 0)
+ i_fatal("ACL backend initialization failed: %s", error);
+ return ret > 0;
+}
+
static void acl_mailbox_list_init_shared(struct mailbox_list *list)
{
struct acl_mailbox_list *alist;
struct mailbox_list_vfuncs *v = list->vlast;
+ struct acl_backend *backend;
+
+ if (!acl_list_init_backend(list, &backend))
+ return;
alist = p_new(list->pool, struct acl_mailbox_list, 1);
alist->module_ctx.super = *v;
v->deinit = acl_mailbox_list_deinit;
v->iter_init = acl_mailbox_list_iter_init_shared;
- MODULE_CONTEXT_SET(list, acl_mailbox_list_module, alist);
-}
+ acl_storage_rights_ctx_init(&alist->rights, backend);
-static bool acl_namespace_is_ignored(struct mailbox_list *list)
-{
- const char *value =
- mail_user_plugin_getenv(list->ns->user, "acl_ignore_namespace");
- for (unsigned int i = 2; value != NULL; i++) {
- if (wildcard_match(list->ns->prefix, value))
- return TRUE;
- value = mail_user_plugin_getenv(list->ns->user,
- t_strdup_printf("acl_ignore_namespace%u", i));
- }
- return FALSE;
+ MODULE_CONTEXT_SET(list, acl_mailbox_list_module, alist);
}
static void acl_mailbox_list_init_default(struct mailbox_list *list)
{
struct mailbox_list_vfuncs *v = list->vlast;
struct acl_mailbox_list *alist;
+ struct acl_backend *backend;
+
+ if (!acl_list_init_backend(list, &backend))
+ return;
if (list->mail_set->mail_full_filesystem_access) {
/* not necessarily, but safer to do this for now. */
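Review bot: `acl_list_init_backend()` has no comment explaining its two very different outcomes. A negative result from `acl_backend_init_auto()` ends the process through `i_fatal()`, while a zero result makes both `acl_mailbox_list_init_shared()` and `acl_mailbox_list_init_default()` return before any ACL vfunc is installed. In the second case the list runs without ACL enforcement, which presumably corresponds to ACLs not being configured; writing that down guards against a later change routing a real error into that path. Suggested comment: `/* Returns TRUE if an ACL backend was created, FALSE if ACLs are not configured for this list (no ACL hooks are installed). Initialization errors are fatal. */`. `acl_mailbox_list_init_default()` continues beyond this hunk.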
v->iter_init = acl_mailbox_list_iter_init;
v->iter_next = acl_mailbox_list_iter_next;
v->iter_deinit = acl_mailbox_list_iter_deinit;
- if (acl_namespace_is_ignored(list))
- alist->ignore_acls = TRUE;
+
+ acl_storage_rights_ctx_init(&alist->rights, backend);
MODULE_CONTEXT_SET(list, acl_mailbox_list_module, alist);
}
#include "array.h"
#include "ioloop.h"
#include "istream.h"
+#include "settings.h"
#include "mailbox-list-private.h"
#include "acl-api-private.h"
#include "acl-plugin.h"
/* If acls are ignored for this namespace do not check if
there are rights. */
- if (alist->ignore_acls)
+ if (alist->rights.backend->set->acl_ignore)
return 1;
ret = acl_object_have_right(abox->aclobj,
void acl_mailbox_allocated(struct mailbox *box)
{
struct acl_mailbox_list *alist = ACL_LIST_CONTEXT(box->list);
+ struct acl_settings *set;
struct mailbox_vfuncs *v = box->vlast;
struct acl_mailbox *abox;
- bool ignore_acls = (box->flags & MAILBOX_FLAG_IGNORE_ACLS) != 0;
+ const char *error;
+ bool ignore_acls = FALSE;
if (alist == NULL) {
/* ACLs disabled */
return;
}
- if (mail_namespace_is_shared_user_root(box->list->ns) || alist->ignore_acls) {
+ /* get settings for mailbox */
+ if (settings_get(box->event, &acl_setting_parser_info, 0, &set,
+ &error) < 0) {
+ mailbox_set_critical(box, "%s", error);
+ box->open_error = box->storage->error;
+ return;
+ }
+
+ if ((box->flags & MAILBOX_FLAG_IGNORE_ACLS) != 0 ||
+ set->acl_ignore)
+ ignore_acls = TRUE;
+
+ if (mail_namespace_is_shared_user_root(box->list->ns)) {
/* this is the root shared namespace, which itself doesn't
have any existing mailboxes. */
ignore_acls = TRUE;
}
+ settings_free(set);
abox = p_new(box->pool, struct acl_mailbox, 1);
abox->module_ctx.super = *v;
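Review bot: The new `settings_get()` failure branch returns before `abox` is allocated and before any ACL vfunc is hooked, so for that mailbox access control rests entirely on `box->open_error` stopping the open. That looks intended as fail-closed, but it is not stated; a comment such as `/* no ACL hooks installed: open_error must make every later open fail */` would make the dependency explicit. Separately, `set` is only read here, so `const struct acl_settings *set;` would match the `const` field added to `struct acl_mailbox` elsewhere in this commit, provided `settings_get()` and `settings_free()` accept it. The function body continues outside the hunk.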
static struct mail_storage_hooks acl_mail_storage_hooks = {
.mail_user_created = acl_mail_user_created,
.mailbox_list_created = acl_mailbox_list_created,
- .mail_namespace_storage_added = acl_mail_namespace_storage_added,
.mailbox_allocated = acl_mailbox_allocated,
.mail_allocated = acl_mail_allocated
};
struct acl_mailbox {
union mailbox_module_context module_ctx;
struct acl_object *aclobj;
+ const struct acl_settings *set;
bool skip_acl_checks;
bool acl_enabled;
bool no_read_right;
struct mail_user_vfuncs *v = user->vlast;
struct acl_user *auser;
const char *error;
+ int ret;
auser = p_new(user->pool, struct acl_user, 1);
auser->module_ctx.super = *v;
user->vlast = &auser->module_ctx.super;
v->deinit = acl_user_deinit;
- if (acl_lookup_dict_init(user, &auser->acl_lookup_dict, &error) < 0) {
+ if ((ret = acl_lookup_dict_init(user, &auser->acl_lookup_dict, &error)) < 0) {
e_error(user->event, "acl: dict_init() failed: %s", error);
+ user->error = p_strdup(user->pool, error);
+ } else if (ret == 0) {
+ e_debug(user->event, "acl: Shared mailbox listing disabled: %s", error);
+ } else {
+ e_debug(user->event, "acl: Shared mailbox listing enabled");
}
struct acl_settings *set = p_new(user->pool, struct acl_settings, 1);