From: helge Date: Wed, 6 Jul 2005 16:40:58 +0000 (+0000) Subject: added some ACL support X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d0a5eef43ca8e8f79887ad70602fa09f32d50036;p=scalable-opengroupware.org added some ACL support git-svn-id: http://svn.opengroupware.org/SOGo/trunk@671 d1b88da0-ebda-0310-925b-ed51d893ca5b --- diff --git a/SOGo/SoObjects/Mailer/ChangeLog b/SOGo/SoObjects/Mailer/ChangeLog index 83d15f98..b4eb1c3d 100644 --- a/SOGo/SoObjects/Mailer/ChangeLog +++ b/SOGo/SoObjects/Mailer/ChangeLog @@ -1,3 +1,16 @@ +2005-07-06 Helge Hess + + * v0.9.85 + + * SOGoMailFolder.m: added ability to check certain ACL permissions (and + cache them for one invocation) + + * SOGoMailObject.m: implemented -isDeletionAllowed by asking the folder + for deletion + + * SOGoMailManager.m: added methods to retrieve the ACL and the myrights + from an IMAP4 mailbox + 2005-07-06 Helge Hess * SOGoMailManager.m: detect Cyrus 'permission denied' when changing diff --git a/SOGo/SoObjects/Mailer/README b/SOGo/SoObjects/Mailer/README index 62286e0f..bfccb5bb 100644 --- a/SOGo/SoObjects/Mailer/README +++ b/SOGo/SoObjects/Mailer/README @@ -6,6 +6,28 @@ Class Overview SOGoMailManager - backend class connecting to NGImap4, will probably move to SOGoLogic +Class Hierarchy +=============== + +[NSObject] + SOGoMailerProduct + + SOGoMailAccounts + SOGoMailBaseObject + SOGoDraftObject + SOGoDraftsFolder + SOGoMailAccount + SOGoMailBodyPart + SOGoImageMailBodyPart + SOGoMessageMailBodyPart + SOGoMailFolder + SOGoMailObject + SOGoMailConnectionEntry + [EODataSource] + SOGoMailFolderDataSource + SOGoMailManager + SOGoMailboxInfo + Defaults ======== diff --git a/SOGo/SoObjects/Mailer/SOGoMailFolder.h b/SOGo/SoObjects/Mailer/SOGoMailFolder.h index 441de750..d43607bf 100644 --- a/SOGo/SoObjects/Mailer/SOGoMailFolder.h +++ b/SOGo/SoObjects/Mailer/SOGoMailFolder.h @@ -38,9 +38,14 @@ @interface SOGoMailFolder : SOGoMailBaseObject { - NSArray *filenames; - NSString *folderType; + NSArray *filenames; + NSString *folderType; SOGoMailboxInfo *selectInfo; + struct { + int didCheckACL:1; + int isDeleteAndExpungeAllowed:1; + int reserved:30; + } somfFlags; } /* messages */ @@ -52,6 +57,10 @@ - (NSException *)expunge; +/* permissions */ + +- (BOOL)isDeleteAndExpungeAllowed; + @end #endif /* __Mailer_SOGoMailFolder_H__ */ diff --git a/SOGo/SoObjects/Mailer/SOGoMailFolder.m b/SOGo/SoObjects/Mailer/SOGoMailFolder.m index 0f9a3e7c..4a96b934 100644 --- a/SOGo/SoObjects/Mailer/SOGoMailFolder.m +++ b/SOGo/SoObjects/Mailer/SOGoMailFolder.m @@ -106,6 +106,31 @@ return nil; /* no error */ } +/* permissions */ + +- (void)_loadACLPermissionFlags { + NSString *rights; + + if (self->somfFlags.didCheckACL) + return; + + rights = [[self mailManager] myRightsForMailboxAtURL:[self imap4URL] + password:[self imap4Password]]; + if ([rights isKindOfClass:[NSException class]]) { + [self logWithFormat:@"ERROR: could not retrieve ACL: %@", rights]; + return; + } + + self->somfFlags.didCheckACL = 1; + self->somfFlags.isDeleteAndExpungeAllowed = + [rights rangeOfString:@"d"].length > 0 ? 1 : 0; +} + +- (BOOL)isDeleteAndExpungeAllowed { + [self _loadACLPermissionFlags]; + return self->somfFlags.isDeleteAndExpungeAllowed; +} + /* messages */ - (NSArray *)fetchUIDsMatchingQualifier:(id)_q sortOrdering:(id)_so { diff --git a/SOGo/SoObjects/Mailer/SOGoMailManager.h b/SOGo/SoObjects/Mailer/SOGoMailManager.h index b7251dcf..fdd36f28 100644 --- a/SOGo/SoObjects/Mailer/SOGoMailManager.h +++ b/SOGo/SoObjects/Mailer/SOGoMailManager.h @@ -93,6 +93,9 @@ - (NSException *)moveMailboxAtURL:(NSURL *)_srcurl toURL:(NSURL *)_desturl password:(NSString *)_pwd; +- (id)aclForMailboxAtURL:(NSURL *)_url password:(NSString *)_pwd; +- (NSString *)myRightsForMailboxAtURL:(NSURL *)_url password:(NSString *)_pwd; + @end #endif /* __Mailer_SOGoMailManager_H__ */ diff --git a/SOGo/SoObjects/Mailer/SOGoMailManager.m b/SOGo/SoObjects/Mailer/SOGoMailManager.m index f0af8eb2..79dcdca2 100644 --- a/SOGo/SoObjects/Mailer/SOGoMailManager.m +++ b/SOGo/SoObjects/Mailer/SOGoMailManager.m @@ -972,6 +972,55 @@ static NSString *imap4Separator = nil; return nil; } +- (NSDictionary *)aclForMailboxAtURL:(NSURL *)_url password:(NSString *)_pwd { + /* + Returns a mapping of uid => permission strings, eg: + guizmo.g = lrs; + root = lrswipcda; + */ + SOGoMailConnectionEntry *entry; + NSString *folderName; + id result; + + if ((entry = [self entryForURL:_url password:_pwd]) == nil) { + // TODO: better to use an auth exception? + return [NSException exceptionWithHTTPStatus:404 /* Not Found */ + reason:@"did not find IMAP4 folder (no entry)"]; + } + + folderName = [self imap4FolderNameForURL:_url]; + result = [[entry client] getACL:folderName]; + if (![[result valueForKey:@"result"] boolValue]) { + [self logWithFormat:@"ERROR: getacl failed: %@", result]; + return [NSException exceptionWithHTTPStatus:404 /* Not Found */ + reason:@"did not find ACL for IMAP4 folder"]; + } + + return [result valueForKey:@"acl"]; +} + +- (NSString *)myRightsForMailboxAtURL:(NSURL *)_url password:(NSString *)_pwd { + SOGoMailConnectionEntry *entry; + NSString *folderName; + id result; + + if ((entry = [self entryForURL:_url password:_pwd]) == nil) { + // TODO: better to use an auth exception? + return [NSException exceptionWithHTTPStatus:404 /* Not Found */ + reason:@"did not find IMAP4 folder (no entry)"]; + } + + folderName = [self imap4FolderNameForURL:_url]; + result = [[entry client] myRights:folderName]; + if (![[result valueForKey:@"result"] boolValue]) { + [self logWithFormat:@"ERROR: myrights failed: %@", result]; + return [NSException exceptionWithHTTPStatus:404 /* Not Found */ + reason:@"did not find myrights for IMAP4 folder"]; + } + + return [result valueForKey:@"myrights"]; +} + /* debugging */ - (BOOL)isDebuggingEnabled { diff --git a/SOGo/SoObjects/Mailer/SOGoMailObject.m b/SOGo/SoObjects/Mailer/SOGoMailObject.m index 29a4f8d7..ba300565 100644 --- a/SOGo/SoObjects/Mailer/SOGoMailObject.m +++ b/SOGo/SoObjects/Mailer/SOGoMailObject.m @@ -20,6 +20,7 @@ */ #include "SOGoMailObject.h" +#include "SOGoMailFolder.h" #include "SOGoMailManager.h" #include "SOGoMailBodyPart.h" #include @@ -502,6 +503,12 @@ static BOOL debugBodyStructure = NO; password:[self imap4Password]]; } +/* permissions */ + +- (BOOL)isDeletionAllowed { + return [[self container] isDeleteAndExpungeAllowed]; +} + /* name lookup */ - (id)lookupImap4BodyPartKey:(NSString *)_key inContext:(id)_ctx { diff --git a/SOGo/SoObjects/Mailer/Version b/SOGo/SoObjects/Mailer/Version index 73737778..eca7fb4e 100644 --- a/SOGo/SoObjects/Mailer/Version +++ b/SOGo/SoObjects/Mailer/Version @@ -1,6 +1,6 @@ # Version file -SUBMINOR_VERSION:=84 +SUBMINOR_VERSION:=85 # v0.9.69 requires libNGMime v4.5.210 # v0.9.55 requires libNGExtensions v4.5.136