From: Timo Sirainen <timo.sirainen@open-xchange.com>
Date: Wed, 15 Jan 2020 13:40:41 +0000 (+0200)
Subject: lib-storage, acl: Fix error trying to open autocreated mailbox without CREATE rights
X-Git-Tag: 2.3.10~129
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5c2a5a9d0fe854c34371a8f089cd667c8b878ced;p=thirdparty%2Fdovecot%2Fcore.git

lib-storage, acl: Fix error trying to open autocreated mailbox without CREATE rights

The opening should fail with a regular error message rather than "internal
server error". Also no error message should be logged in this situation.
---

diff --git a/src/lib-storage/mail-storage-private.h b/src/lib-storage/mail-storage-private.h
index 953aaa2611..65000e7d33 100644
--- a/src/lib-storage/mail-storage-private.h
+++ b/src/lib-storage/mail-storage-private.h
@@ -467,6 +467,9 @@ struct mailbox {
 	/* Using LAYOUT=index and mailbox is being opened with a corrupted
 	   mailbox name. Try to revert to the previously known good name. */
 	bool corrupted_mailbox_name:1;
+	/* mailbox_open() returned MAIL_ERROR_NOTFOUND because the mailbox
+	   doesn't have the LOOKUP ACL right. */
+	bool acl_no_lookup_right:1;
 };
 
 struct mail_vfuncs {
diff --git a/src/lib-storage/mail-storage.c b/src/lib-storage/mail-storage.c
index ded8632aae..2572daba94 100644
--- a/src/lib-storage/mail-storage.c
+++ b/src/lib-storage/mail-storage.c
@@ -1094,6 +1094,10 @@ static int mailbox_autocreate(struct mailbox *box)
 
 	if (mailbox_create(box, NULL, FALSE) < 0) {
 		errstr = mailbox_get_last_internal_error(box, &error);
+		if (error == MAIL_ERROR_NOTFOUND && box->acl_no_lookup_right) {
+			/* ACL prevents creating this mailbox */
+			return -1;
+		}
 		if (error != MAIL_ERROR_EXISTS) {
 			mailbox_set_critical(box,
 				"Failed to autocreate mailbox: %s",
@@ -1120,7 +1124,7 @@ static int mailbox_autocreate_and_reopen(struct mailbox *box)
 	mailbox_close(box);
 
 	ret = box->v.open(box);
-	if (ret < 0 && box->inbox_user &&
+	if (ret < 0 && box->inbox_user && !box->acl_no_lookup_right &&
 	    !box->storage->user->inbox_open_error_logged) {
 		box->storage->user->inbox_open_error_logged = TRUE;
 		mailbox_set_critical(box,
diff --git a/src/plugins/acl/acl-mailbox.c b/src/plugins/acl/acl-mailbox.c
index 241ee3989f..13ba0557d7 100644
--- a/src/plugins/acl/acl-mailbox.c
+++ b/src/plugins/acl/acl-mailbox.c
@@ -174,6 +174,7 @@ static void acl_mailbox_fail_not_found(struct mailbox *box)
 		mail_storage_set_error(box->storage, MAIL_ERROR_PERM,
 				       MAIL_ERRSTR_NO_PERMISSION);
 	} else if (ret == 0) {
+		box->acl_no_lookup_right = TRUE;
 		mail_storage_set_error(box->storage, MAIL_ERROR_NOTFOUND,
 				T_MAIL_ERR_MAILBOX_NOT_FOUND(box->vname));
 	}