int MailboxState_hasPermission(T M, uint64_t userid, const char *right_flag)
{
PreparedStatement_T stmt;
Connection_T c;
ResultSet_T r;
volatile int result = FALSE;
volatile bool owner_acl = false;
uint64_t owner_id, mboxid;
mboxid = MailboxState_getId(M);
TRACE(TRACE_DEBUG, "checking ACL [%s] for user [%" PRIu64 "] on mailbox [%" PRIu64 "]",
right_flag, userid, mboxid);
/* If we don't know who owns the mailbox, look it up. */
owner_id = MailboxState_getOwner(M);
if (! owner_id) {
result = db_get_mailbox_owner(mboxid, &owner_id);
MailboxState_setOwner(M, owner_id);
if (! (result > 0))
return result;
}
if (owner_id == userid) {
c = db_con_get();
TRY
stmt = db_stmt_prepare(c,
"SELECT * FROM %sacl WHERE "
"user_id = ? AND mailbox_id = ?",
DBPFX);
db_stmt_set_u64(stmt, 1, userid);
db_stmt_set_u64(stmt, 2, mboxid);
r = db_stmt_query(stmt);
if (db_result_next(r))
owner_acl = true;
CATCH(SQLException)
LOG_SQLERROR;
result = DM_EQUERY;
FINALLY
db_con_close(c);
END_TRY;
if (! owner_acl) {
TRACE(TRACE_DEBUG, "mailbox [%" PRIu64 "] is owned by user [%" PRIu64 "]"
"and no ACL in place. Giving all rights",
mboxid, userid);
return 1;
} else {
TRACE(TRACE_DEBUG, "mailbox [%" PRIu64 "] is owned by user [%" PRIu64 "]"
"but ACL in place. Restricted access for owner.",
mboxid, userid);
}
}
result = FALSE;
c = db_con_get();
TRY
stmt = db_stmt_prepare(c,
"SELECT * FROM %sacl WHERE "
"user_id = ? AND mailbox_id = ? AND %s = 1",
DBPFX, right_flag);
db_stmt_set_u64(stmt, 1, userid);
db_stmt_set_u64(stmt, 2, mboxid);
r = db_stmt_query(stmt);
if (db_result_next(r))
result = TRUE;
CATCH(SQLException)
LOG_SQLERROR;
result = DM_EQUERY;
FINALLY
db_con_close(c);
END_TRY;
return result;
}
static int do_export(char *user, char *base_mailbox, char *basedir, char *outfile, char *search, int delete_after_dump, int recursive)
{
u64_t user_idnr = 0, owner_idnr = 0, mailbox_idnr = 0;
char *dumpfile = NULL, *mailbox = NULL, *search_mailbox = NULL, *dir = NULL;
GList *children = NULL;
int result = 0;
/* Verify the existence of this user */
if (! auth_user_exists(user, &user_idnr)) {
qerrorf("Error: user [%s] does not exist.\n", user);
result = -1;
goto cleanup;
}
mailbox = g_new0(char, IMAP_MAX_MAILBOX_NAMELEN);
if (!base_mailbox) {
/* Always recursive without a mailbox base */
search_mailbox = g_strdup("*");
} else if (recursive) {
/* Base and everything below */
search_mailbox = g_strdup_printf("%s*", base_mailbox);
} else if (!recursive) {
/* Should yield same results as plain db_findmailbox */
search_mailbox = g_strdup_printf("%s", base_mailbox);
}
/* FIXME: What are the possible error conditions here? */
db_findmailbox_by_regex(user_idnr, search_mailbox, &children, 0);
/* Decision process for basedir vs. outfile:
* If we're dumping one mailbox for one user, it goes to
* stdout. If we've been given -o -, dump everything to
* stdout (e.g., one giant mbox). If we've been given foo
*/
if (!outfile && !basedir) {
/* Default is to use basedir of . */
basedir = ".";
} else if (outfile) {
/* Everything goes into this one file */
dumpfile = outfile;
}
children = g_list_first(children);
qerrorf("Exporting [%u] mailboxes for [%s]\n", g_list_length(children), user);
while (children) {
mailbox_idnr = *(u64_t *)children->data;
db_getmailboxname(mailbox_idnr, user_idnr, mailbox);
if (! db_get_mailbox_owner(mailbox_idnr, &owner_idnr)) {
qerrorf("Error checking mailbox ownership");
goto cleanup;
}
if (owner_idnr == user_idnr) {
if (basedir) {
/* Prepare the directory */
dumpfile = g_strdup_printf("%s/%s/%s.mbox", basedir, user, mailbox);
dir = g_path_get_dirname(dumpfile);
if (g_mkdir_with_parents(dir, 0700)) {
qerrorf("can't create directory [%s]\n", dir);
result = -1;
goto cleanup;
}
}
qerrorf(" export mailbox %s -> %s\n", mailbox, dumpfile);
if ((result = mailbox_dump(mailbox_idnr, dumpfile, search, delete_after_dump)) != 0) {
qerrorf("error exporting mailbox %s -> %s\n", mailbox, dumpfile);
goto cleanup;
}
if (delete_after_dump) db_update("UPDATE %smailboxes SET seq=seq+1 WHERE mailbox_idnr=%d",DBPFX,mailbox_idnr);
if (basedir) {
g_free(dir);
g_free(dumpfile);
}
}
if (! g_list_next(children)) break;
children = g_list_next(children);
}
cleanup:
g_list_destroy(children);
g_free(search_mailbox);
g_free(mailbox);
return result;
}
