{ '\0', NULL }
};
+static bool acl_anyone_allow = FALSE;
+
static struct mailbox *
acl_mailbox_open_as_admin(struct client_command_context *cmd, const char *name)
{
static int
imap_acl_identifier_parse(const char *id, struct acl_rights *rights,
- const char **error_r)
+ bool check_anyone, const char **error_r)
{
if (strncmp(id, IMAP_ACL_GLOBAL_PREFIX,
strlen(IMAP_ACL_GLOBAL_PREFIX)) == 0) {
return -1;
}
- if (strcmp(id, IMAP_ACL_ANYONE) == 0)
+ if (strcmp(id, IMAP_ACL_ANYONE) == 0) {
+ if (!acl_anyone_allow && check_anyone) {
+ *error_r = "'anyone' identifier is disallowed";
+ return -1;
+ }
rights->id_type = ACL_ID_ANYONE;
- else if (strcmp(id, IMAP_ACL_AUTHENTICATED) == 0)
+ } else if (strcmp(id, IMAP_ACL_AUTHENTICATED) == 0) {
+ if (!acl_anyone_allow && check_anyone) {
+ *error_r = "'authenticated' identifier is disallowed";
+ return -1;
+ }
rights->id_type = ACL_ID_AUTHENTICATED;
- else if (strcmp(id, IMAP_ACL_OWNER) == 0)
+ } else if (strcmp(id, IMAP_ACL_OWNER) == 0)
rights->id_type = ACL_ID_OWNER;
else if (strncmp(id, IMAP_ACL_GROUP_PREFIX,
strlen(IMAP_ACL_GROUP_PREFIX)) == 0) {
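Review bot: The new `check_anyone` parameter is undocumented, and nothing says that `acl_anyone_allow` gates the `authenticated` identifier as well as `anyone`, which the flag's name does not suggest. A comment above imap_acl_identifier_parse would make the policy explicit, for example `/* check_anyone: reject "anyone" and "authenticated" unless ACL_ANYONE is set to "allow" */`. The callers in the later hunks pass a bare `TRUE` and a bare `FALSE`; the `FALSE` call presumably exists so that entries already present can still be removed while the setting is off, and it deserves a one-line why-comment at the call site. As far as these hunks show, the check only rejects the identifiers at parse time for the caller that passes `TRUE`, so rights already stored for `anyone` or `authenticated` look unaffected by the setting, which is worth stating where the setting is documented. The function body continues past the end of this hunk.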
identifier++;
}
- if (imap_acl_identifier_parse(identifier, &update.rights, &error) < 0) {
+ if (imap_acl_identifier_parse(identifier, &update.rights,
+ TRUE, &error) < 0) {
client_send_command_error(cmd, error);
return TRUE;
}
identifier++;
}
- if (imap_acl_identifier_parse(identifier, &update.rights, &error) < 0) {
+ if (imap_acl_identifier_parse(identifier, &update.rights,
+ FALSE, &error) < 0) {
client_send_command_error(cmd, error);
return TRUE;
}
void imap_acl_plugin_init(void)
{
+ const char *env;
+
if (getenv("ACL") == NULL)
return;
+ env = getenv("ACL_ANYONE");
+ if (env != NULL)
+ acl_anyone_allow = strcmp(env, "allow") == 0;
+
str_append(capability_string, " ACL RIGHTS=texk");
command_register("LISTRIGHTS", cmd_listrights, 0);