int MailboxState_hasPermission(T M, uint64_t userid, const char *right_flag) { PreparedStatement_T stmt; Connection_T c; ResultSet_T r; volatile int result = FALSE; volatile bool owner_acl = false; uint64_t owner_id, mboxid; mboxid = MailboxState_getId(M); TRACE(TRACE_DEBUG, "checking ACL [%s] for user [%" PRIu64 "] on mailbox [%" PRIu64 "]", right_flag, userid, mboxid); /* If we don't know who owns the mailbox, look it up. */ owner_id = MailboxState_getOwner(M); if (! owner_id) { result = db_get_mailbox_owner(mboxid, &owner_id); MailboxState_setOwner(M, owner_id); if (! (result > 0)) return result; } if (owner_id == userid) { c = db_con_get(); TRY stmt = db_stmt_prepare(c, "SELECT * FROM %sacl WHERE " "user_id = ? AND mailbox_id = ?", DBPFX); db_stmt_set_u64(stmt, 1, userid); db_stmt_set_u64(stmt, 2, mboxid); r = db_stmt_query(stmt); if (db_result_next(r)) owner_acl = true; CATCH(SQLException) LOG_SQLERROR; result = DM_EQUERY; FINALLY db_con_close(c); END_TRY; if (! owner_acl) { TRACE(TRACE_DEBUG, "mailbox [%" PRIu64 "] is owned by user [%" PRIu64 "]" "and no ACL in place. Giving all rights", mboxid, userid); return 1; } else { TRACE(TRACE_DEBUG, "mailbox [%" PRIu64 "] is owned by user [%" PRIu64 "]" "but ACL in place. Restricted access for owner.", mboxid, userid); } } result = FALSE; c = db_con_get(); TRY stmt = db_stmt_prepare(c, "SELECT * FROM %sacl WHERE " "user_id = ? AND mailbox_id = ? AND %s = 1", DBPFX, right_flag); db_stmt_set_u64(stmt, 1, userid); db_stmt_set_u64(stmt, 2, mboxid); r = db_stmt_query(stmt); if (db_result_next(r)) result = TRUE; CATCH(SQLException) LOG_SQLERROR; result = DM_EQUERY; FINALLY db_con_close(c); END_TRY; return result; }
static int do_export(char *user, char *base_mailbox, char *basedir, char *outfile, char *search, int delete_after_dump, int recursive) { u64_t user_idnr = 0, owner_idnr = 0, mailbox_idnr = 0; char *dumpfile = NULL, *mailbox = NULL, *search_mailbox = NULL, *dir = NULL; GList *children = NULL; int result = 0; /* Verify the existence of this user */ if (! auth_user_exists(user, &user_idnr)) { qerrorf("Error: user [%s] does not exist.\n", user); result = -1; goto cleanup; } mailbox = g_new0(char, IMAP_MAX_MAILBOX_NAMELEN); if (!base_mailbox) { /* Always recursive without a mailbox base */ search_mailbox = g_strdup("*"); } else if (recursive) { /* Base and everything below */ search_mailbox = g_strdup_printf("%s*", base_mailbox); } else if (!recursive) { /* Should yield same results as plain db_findmailbox */ search_mailbox = g_strdup_printf("%s", base_mailbox); } /* FIXME: What are the possible error conditions here? */ db_findmailbox_by_regex(user_idnr, search_mailbox, &children, 0); /* Decision process for basedir vs. outfile: * If we're dumping one mailbox for one user, it goes to * stdout. If we've been given -o -, dump everything to * stdout (e.g., one giant mbox). If we've been given foo */ if (!outfile && !basedir) { /* Default is to use basedir of . */ basedir = "."; } else if (outfile) { /* Everything goes into this one file */ dumpfile = outfile; } children = g_list_first(children); qerrorf("Exporting [%u] mailboxes for [%s]\n", g_list_length(children), user); while (children) { mailbox_idnr = *(u64_t *)children->data; db_getmailboxname(mailbox_idnr, user_idnr, mailbox); if (! db_get_mailbox_owner(mailbox_idnr, &owner_idnr)) { qerrorf("Error checking mailbox ownership"); goto cleanup; } if (owner_idnr == user_idnr) { if (basedir) { /* Prepare the directory */ dumpfile = g_strdup_printf("%s/%s/%s.mbox", basedir, user, mailbox); dir = g_path_get_dirname(dumpfile); if (g_mkdir_with_parents(dir, 0700)) { qerrorf("can't create directory [%s]\n", dir); result = -1; goto cleanup; } } qerrorf(" export mailbox %s -> %s\n", mailbox, dumpfile); if ((result = mailbox_dump(mailbox_idnr, dumpfile, search, delete_after_dump)) != 0) { qerrorf("error exporting mailbox %s -> %s\n", mailbox, dumpfile); goto cleanup; } if (delete_after_dump) db_update("UPDATE %smailboxes SET seq=seq+1 WHERE mailbox_idnr=%d",DBPFX,mailbox_idnr); if (basedir) { g_free(dir); g_free(dumpfile); } } if (! g_list_next(children)) break; children = g_list_next(children); } cleanup: g_list_destroy(children); g_free(search_mailbox); g_free(mailbox); return result; }