/*
 * Compute the access rights that apply to `folder`.
 *
 * folder - name of the folder whose ACL is consulted (passed to acl_read()).
 * rights - in/out, NUL-terminated rights string handed to
 *          acl_computeRights() together with the folder's ACL and owner.
 *          Presumably it is reduced in place to the rights actually
 *          held - confirm against acl_computeRights().
 *
 * Fails closed: if the ACL cannot be read, `rights` is set to the empty
 * string, so the caller sees no rights at all rather than stale input.
 */
void acl_computeRightsOnFolder(const char *folder, char *rights)
{
	maildir_aclt_list folder_acl;
	char *folder_owner;

	if (acl_read(&folder_acl, folder, &folder_owner) >= 0)
	{
		acl_computeRights(&folder_acl, rights, folder_owner);

		/* free(NULL) is a no-op, so no guard is needed. */
		free(folder_owner);
		maildir_aclt_list_destroy(&folder_acl);
		return;
	}

	/* Unreadable ACL: grant nothing. */
	*rights=0;
}
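/*
 * Load the ACL for the mailbox described by `minfo` into `*l`.
 *
 * l     - ACL list to fill. On success the caller must release it with
 *         maildir_aclt_list_destroy().
 * minfo - mailbox description. On success in the non-legacy path,
 *         ownership of minfo->owner is MOVED to *owner and minfo->owner
 *         is set to NULL, so a later maildir_info_destroy() does not
 *         free it a second time.
 * owner - optional out parameter; when non-NULL and the call succeeds it
 *         receives a heap string the caller must free().
 *
 * Returns 0 on success, a negative value on failure.
 *
 * Legacy shared folders (MAILBOXTYPE_OLDSHARED) have no stored ACL. A
 * synthetic one is built that grants "anyone" exactly the rights listed
 * below, with a fixed internal owner identifier.
 */
int acl_read2(maildir_aclt_list *l,
	      struct maildir_info *minfo,
	      char **owner)
{
	int rc;
	char *p;

	if (minfo->mailbox_type == MAILBOXTYPE_OLDSHARED)
	{
		/* Legacy shared., punt. */

		maildir_aclt_list_init(l);

		if (maildir_aclt_list_add(l, "anyone",
					  ACL_LOOKUP
					  ACL_READ
					  ACL_SEEN
					  ACL_WRITE
					  ACL_INSERT
					  ACL_DELETEMSGS
					  ACL_EXPUNGE,
					  NULL) < 0)
		{
			maildir_aclt_list_destroy(l);
			return -1;
		}

		/*
		 * The non-legacy path below treats `owner` as optional, so
		 * do the same here instead of dereferencing a NULL pointer.
		 */
		if (owner)
		{
			*owner=strdup("vendor=courier.internal");

			if (*owner == NULL)
			{
				maildir_aclt_list_destroy(l);
				return -1;
			}
		}
		return 0;
	}

	if (minfo->homedir == NULL || minfo->maildir == NULL)
		return -1;

	p=maildir_name2dir(".", minfo->maildir);

	if (!p)
		return -1;

	/* Strip a leading "./" so the ACL reader gets a bare folder path. */
	rc=maildir_acl_read(l, minfo->homedir,
			    strncmp(p, "./", 2) == 0 ? p+2:p);
	free(p);

	if (owner && rc == 0)
	{
		/* Transfer ownership of the owner string to the caller. */
		*owner=minfo->owner;
		minfo->owner=NULL;
	}
	return rc;
}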
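/*
 * Render the ACL editor form for the current folder (sqwebmail_folder).
 *
 * Prints the ACL_noaccess message if the ACL cannot be read. Prints
 * nothing if acl_computeRights() leaves the ACL_ADMINISTER probe string
 * empty, i.e. the form is only shown to a caller holding that right.
 * This is presentation-level gating only; the handler that applies the
 * submitted form has to enforce the same right itself.
 *
 * The "editentity" and "editaccess" CGI parameters pre-populate the
 * form. Both are request-controlled: `editaccess` is only used for
 * strchr() lookups, while the entity value is written inside an HTML
 * attribute through p_ident_name().
 */
void getacl()
{
	maildir_aclt_list l;
	char buf[2];
	char *owner;
	const char *a;
	const char *editentity=cgi("editentity");
	const char *editaccess=cgi("editaccess");

	const char *entitytype="";
	const char *entityval="";
	int negate=0;

	if (acl_read(&l, sqwebmail_folder, &owner) < 0)
	{
		printf("%s", getarg("ACL_noaccess"));
		return;
	}

	/*
	 * buf holds one right letter plus the terminating NUL.
	 * NOTE(review): assumes ACL_ADMINISTER is a one-character string
	 * literal - confirm against its definition.
	 */
	strcpy(buf, ACL_ADMINISTER);
	acl_computeRights(&l, buf, owner);
	free(owner);

	if (buf[0] == 0)
	{
		maildir_aclt_list_destroy(&l);
		return;
	}

	printf("<form method=\"post\" name=\"form1\" action=\"");
	output_scriptptr();
	printf("\">");
	output_scriptptrpostinfo();
	printf("<input type=\"hidden\" name=\"update\" value=\"1\" />\n"
	       "<input type=\"hidden\" name=\"form\" value=\"acl\" />\n");
	printf("<table class=\"folder-acl-list\"><tbody>"
	       "<tr><th align=\"left\">%s</th><th align=\"left\">%s</th></tr>\n",
	       getarg("ENTITY"),
	       getarg("ACCESSRIGHTS"));

	maildir_aclt_list_enum(&l, getacl_cb, NULL);

	/* A leading '-' marks a negative-rights entry. */
	if (*editentity == '-')
	{
		++editentity;
		negate=1;
	}

	/* Split "type=value" identifiers into the two form fields. */
	if (*editentity)
	{
		if (strncmp(editentity, "user=", 5) == 0)
		{
			entitytype="user";
			entityval=editentity+5;
		}
		else if (strncmp(editentity, "group=", 6) == 0)
		{
			entitytype="group";
			entityval=editentity+6;
		}
		else if (strcmp(editentity, "owner") == 0 ||
			 strcmp(editentity, "anonymous") == 0)
		{
			entitytype=editentity;
		}
		else
		{
			entitytype="other";
			entityval=editentity;
		}
	}

	printf("<tr><td colspan=\"2\"><hr width=\"90%%\" />");
	printf("<table><tbody>\n");
	printf("<tr><th colspan=\"2\" align=\"left\">%s</th></tr>\n",
	       getarg("UPDATEHDR"));
	printf("<tr align=\"top\"><td>"
	       "<select name=\"negate\" id=\"negate\">\n"
	       "<option value=\"\" > </option>\n"
	       "<option value=\"-\" %s>-</option>\n"
	       "</select>\n"
	       "<select name=\"entitytype\" id=\"entitytype\" "
	       "onchange=\"javascript:updent()\" >\n"
	       "<option value=\"user\" %s >%s</option>\n"
	       "<option value=\"group\" %s >%s</option>\n"
	       "<option value=\"owner\" %s >%s</option>\n"
	       "<option value=\"anonymous\" %s >%s</option>\n"
	       "<option value=\"administrators\" %s >%s</option>\n"
	       "<option value=\"other\" %s >%s</option>\n"
	       "</select><input type=\"text\" name=\"entity\" "
	       " id=\"entity\" value=\"",
	       negate ? "selected=\"selected\"":"",
	       strcmp(entitytype, "user") == 0 ? "selected=\"selected\"":"",
	       getarg("USER"),
	       strcmp(entitytype, "group") == 0 ? "selected=\"selected\"":"",
	       getarg("GROUP"),
	       strcmp(entitytype, "owner") == 0 ? "selected=\"selected\"":"",
	       getarg("OWNER"),
	       strcmp(entitytype, "anonymous") == 0 ? "selected=\"selected\"":"",
	       getarg("ANONYMOUS"),
	       strcmp(entitytype, "administrators") == 0 ? "selected=\"selected\"":"",
	       getarg("ADMINISTRATORS"),
	       strcmp(entitytype, "other") == 0 ? "selected=\"selected\"":"",
	       getarg("OTHER"));

	/*
	 * NOTE(review): entityval comes straight from the request and lands
	 * inside a double-quoted attribute. Confirm that p_ident_name()
	 * HTML-escapes quotes and angle brackets.
	 */
	p_ident_name(entityval);

	printf("\"/></td><td><table><tbody>");

	/* One checkbox per right letter listed in the ACL_all template arg. */
	a=getarg("ACL_all");

	while (*a)
	{
		char buf2[40];

		snprintf(buf2, sizeof(buf2), "ACL_%c", *a);

		printf("<tr><td><input type=\"checkbox\" name=\"acl_%c\" "
		       "id=\"acl_%c\" %s />"
		       "</td><td>%s</td></tr>\n",
		       *a, *a,
		       strchr(editaccess, *a) ? "checked=\"checked\"":"",
		       getarg(buf2));
		++a;
	}

	/*
	 * NOTE(review): the closing tags below are emitted as
	 * </table></tbody> (inverted, and the submit row is never closed).
	 * Left byte-identical here; fix together with the page template.
	 */
	printf("</tbody></table></td></tr>\n"
	       "<tr><td> </td>"
	       "<td><input type=\"submit\" name=\"do.update\" value=\"%s\" />"
	       "</td>"
	       "</table></tbody></td></tr>\n",
	       getarg("UPDATE"));

	printf("</tbody></table></form>\n");

	/* Previously leaked on this path: release the ACL list. */
	maildir_aclt_list_destroy(&l);
}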
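/*
 * Apply the ACL change requested by the submitted form to the current
 * folder (sqwebmail_folder) and write the ACL back.
 *
 * Authorization is enforced here, server-side: the folder's ACL is read
 * and acl_computeRights() is asked for ACL_ADMINISTER. If that comes
 * back empty the function returns without touching anything, whatever
 * the request contains.
 *
 * Request parameters used (all request-controlled):
 *   delentity          - identifier to remove from the ACL
 *   do.update          - non-empty to add or replace an entry
 *   entitytype, entity - combined into the identifier
 *   negate             - "-" prefixes the identifier with '-'
 *   acl_<c>            - one per right letter in the ACL_all template arg
 *
 * Failures are reported by printing the ACL_failed template message.
 */
static void doupdate()
{
	maildir_aclt_list l;
	char *owner;
	char buf[2];
	char *dir;
	struct maildir_info minfo;

	if (maildir_info_imap_find(&minfo, sqwebmail_folder,
				   login_returnaddr()) < 0)
		return;

	if (acl_read2(&l, &minfo, &owner) < 0)
	{
		maildir_info_destroy(&minfo);
		return;
	}

	/*
	 * buf holds one right letter plus the terminating NUL.
	 * NOTE(review): assumes ACL_ADMINISTER is a one-character string
	 * literal - confirm against its definition.
	 */
	strcpy(buf, ACL_ADMINISTER);
	acl_computeRights(&l, buf, owner);

	if (!*buf)
	{
		/* Caller may not administer this folder: change nothing. */
		free(owner);
		maildir_aclt_list_destroy(&l);
		maildir_info_destroy(&minfo);
		return;
	}

	if (*cgi("delentity"))
	{
		if (maildir_aclt_list_del(&l, cgi("delentity")))
			printf("%s", getarg("ACL_failed"));
	}

	if (*cgi("do.update"))
	{
		char *entity=NULL;
		const char *p;
		char new_acl[40];

		p=cgi("entitytype");

		if (strcmp(p, "anonymous") == 0 ||
		    strcmp(p, "owner") == 0)
			entity=strdup(p);
		else if (strcmp(p, "user") == 0)
		{
			p=cgi("entity");

			if (*p)
			{
				/* sizeof of the literal already counts the NUL. */
				entity=malloc(sizeof("user=")+strlen(p));
				if (entity)
					strcat(strcpy(entity, "user="), p);
			}
		}
		else if (strcmp(p, "group") == 0)
		{
			p=cgi("entity");

			if (*p)
			{
				entity=malloc(sizeof("group=")+strlen(p));
				if (entity)
					strcat(strcpy(entity, "group="), p);
			}
		}
		else
		{
			entity=strdup(cgi("entity"));
		}

		if (*cgi("negate") == '-' && entity)
		{
			/* One byte for '-', one for the NUL. */
			char *negated=malloc(strlen(entity)+2);

			if (negated)
				strcat(strcpy(negated, "-"), entity);
			free(entity);
			entity=negated;
		}

		if (entity)
		{
			/*
			 * NOTE(review): if the conversion fails, the
			 * identifier is stored in the page charset
			 * unconverted. Confirm that is intended rather than
			 * treating it as a failed update.
			 */
			char *val=
				unicode_convert_toutf8(entity,
						       sqwebmail_content_charset,
						       NULL);

			if (val)
			{
				free(entity);
				entity=val;
			}
		}

		/*
		 * Build the rights string from the ticked checkboxes. Only
		 * letters listed in ACL_all are ever considered, and the
		 * loop stops before new_acl can overflow.
		 */
		p=getarg("ACL_all");
		new_acl[0]=0;

		while (*p && strlen(new_acl) < sizeof(new_acl)-2)
		{
			char b[40];

			snprintf(b, sizeof(b), "acl_%c", *p);

			if (*cgi(b))
			{
				b[0]=*p;
				b[1]=0;
				strcat(new_acl, b);
			}
			++p;
		}

		if (!entity || !*entity ||
		    maildir_aclt_list_add(&l, entity, new_acl, NULL) < 0)
			printf("%s", getarg("ACL_failed"));

		free(entity);
	}

	dir=maildir_name2dir(".", minfo.maildir);

	if (dir)
	{
		const char *err_ident;

		/* Strip a leading "./" to get the bare folder path. */
		if (maildir_acl_write(&l, minfo.homedir,
				      strncmp(dir, "./", 2) == 0 ? dir+2:dir,
				      owner, &err_ident))
			printf("%s", getarg("ACL_failed"));
		free(dir);
	}

	free(owner);
	maildir_aclt_list_destroy(&l);
	maildir_info_destroy(&minfo);
}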
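/*
 * Handle the ACL page for the current folder (sqwebmail_folder): apply a
 * pending update if one was submitted, then display the caller's rights.
 *
 * Update step (only when "do.update" or "delentity" is present): the
 * maildir is locked around doupdate(). If the lock cannot be obtained
 * and maildir_lock() did not set `tryanyway`, ACL_noaccess is printed
 * and nothing is changed. If `tryanyway` is set, the update proceeds
 * WITHOUT the lock.
 *
 * Display step: the ACL is re-read, the caller's rights are computed
 * from the ACL_all template arg, and they are shown only if
 * maildir_acl_canlistrights() accepts them; otherwise ACL_cantread is
 * printed.
 */
void listrights()
{
	maildir_aclt_list l;
	char buf[40];
	char *owner;

	if (*cgi("do.update") || *cgi("delentity"))
	{
		struct maildir_info minfo;

		if (maildir_info_imap_find(&minfo, sqwebmail_folder,
					   login_returnaddr()) == 0)
		{
			if (minfo.homedir)
			{
				struct maildirwatch *w;
				char *lock;
				int tryanyway;

				w=maildirwatch_alloc(minfo.homedir);

				if (!w)
				{
					maildir_info_destroy(&minfo);
					enomem();
					return;
				}

				lock=maildir_lock(minfo.homedir, w,
						  &tryanyway);

				maildir_info_destroy(&minfo);

				if (lock == NULL && !tryanyway)
				{
					/* Previously leaked on this path. */
					maildirwatch_free(w);
					printf("%s", getarg("ACL_noaccess"));
					return;
				}

				doupdate();

				if (lock)
				{
					unlink(lock);
					free(lock);
				}
				maildirwatch_free(w);
			}
			else
			{
				/*
				 * No home directory, so nothing to lock or
				 * update; still release what the lookup
				 * allocated (previously leaked).
				 */
				maildir_info_destroy(&minfo);
			}
		}
	}

	if (acl_read(&l, sqwebmail_folder, &owner) < 0)
	{
		printf("%s", getarg("ACL_cantread"));
		return;
	}

	/* Bounded copy: at most sizeof(buf)-2 right letters are kept. */
	buf[0]=0;
	strncat(buf, getarg("ACL_all"), sizeof(buf)-2);
	acl_computeRights(&l, buf, owner);
	maildir_aclt_list_destroy(&l);
	free(owner);

	if (!maildir_acl_canlistrights(buf))
	{
		printf("%s", getarg("ACL_cantread"));
		return;
	}

	showrights(buf);
}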
/*
 * Command-line entry point: argv[1] is the command, argv[2] the maildir,
 * argv[3] the folder, followed by command-specific arguments.
 *
 * Commands are matched against resetcmd, listcmd, setcmd, deletecmd and
 * computecmd; anything else goes to usage().
 *
 * The folder must be exactly INBOX or start with INBOX "."; otherwise
 * the tool exits with EINVAL. The INBOX prefix is then stripped, leaving
 * "." for the inbox itself or ".name" for a subfolder. The remainder of
 * the name is not validated further in this function; whether the ACL
 * read/write routines reject path separators is not visible here.
 *
 * Exit status is 0 on success and 1 on any failure.
 */
int main(int argc, char *argv[])
{
	const char *cmd;
	const char *maildir;
	const char *folder;
	int want_reset;
	int want_list;
	int want_set;
	int want_delete;
	int want_compute;

	if (argc < 3)
		usage();

	cmd=argv[1];

	/* Classify the command once instead of re-comparing each time. */
	want_reset=strcmp(cmd, resetcmd) == 0;
	want_list=strcmp(cmd, listcmd) == 0;
	want_set=strcmp(cmd, setcmd) == 0;
	want_delete=strcmp(cmd, deletecmd) == 0;
	want_compute=strcmp(cmd, computecmd) == 0;

	if (!(want_reset || want_list || want_set || want_delete ||
	      want_compute))
		usage();

	maildir=argv[2];

	if (want_reset)
	{
		if (maildir_acl_reset(maildir) != 0)
		{
			perror(maildir);
			exit(1);
		}
		exit(0);
	}

	if (argc < 4)
		usage();

	folder=argv[3];

	/* Accept only "INBOX" itself or names under "INBOX.". */
	if (strcmp(folder, INBOX) != 0 &&
	    strncmp(folder, INBOX ".", sizeof(INBOX ".")-1) != 0)
	{
		errno=EINVAL;
		perror(folder);
		exit(1);
	}

	/* Drop the INBOX prefix; the inbox itself is addressed as ".". */
	folder += sizeof(INBOX)-1;

	if (*folder == 0)
		folder=".";

	if (want_list)
	{
		maildir_aclt_list acl;

		if (maildir_acl_read(&acl, maildir, folder) ||
		    maildir_aclt_list_enum(&acl, acl_list, NULL))
		{
			perror(maildir);
			exit(1);
		}

		maildir_aclt_list_destroy(&acl);
		exit(0);
	}

	if (want_set)
	{
		maildir_aclt_list acl;
		maildir_aclt entry;
		const char *identifier;
		const char *rights;
		const char *err_failedrights;

		if (argc < 6)
			usage();

		identifier=argv[4];
		rights=argv[5];

		if (maildir_acl_read(&acl, maildir, folder))
		{
			perror(maildir);
			exit(1);
		}

		/*
		 * "+xyz" adds to the identifier's existing rights, "-xyz"
		 * removes from them, anything else replaces them outright.
		 */
		switch (*rights) {
		case '+':
			if (maildir_aclt_init(&entry, NULL,
					      maildir_aclt_list_find(&acl,
								     identifier)) ||
			    maildir_aclt_add(&entry, rights+1, NULL))
			{
				perror(argv[0]);
				exit(1);
			}
			break;
		case '-':
			if (maildir_aclt_init(&entry, NULL,
					      maildir_aclt_list_find(&acl,
								     identifier)) ||
			    maildir_aclt_del(&entry, rights+1, NULL))
			{
				perror(argv[0]);
				exit(1);
			}
			break;
		default:
			if (maildir_aclt_init(&entry, rights, NULL))
			{
				perror(argv[0]);
				exit(1);
			}
			break;
		}

		if (maildir_aclt_list_add(&acl, identifier, NULL, &entry))
		{
			perror(argv[0]);
			exit(1);
		}

		if (maildir_acl_write(&acl, maildir, folder, "owner",
				      &err_failedrights))
		{
			if (err_failedrights)
				fprintf(stderr,
					"Trying to set invalid access"
					" rights for %s\n",
					err_failedrights);
			else
				perror(maildir);
			exit(1);
		}
	}

	if (want_delete)
	{
		maildir_aclt_list acl;
		const char *identifier;
		const char *err_failedrights;

		if (argc < 5)
			usage();

		identifier=argv[4];

		if (maildir_acl_read(&acl, maildir, folder))
		{
			perror(maildir);
			exit(1);
		}

		if (maildir_aclt_list_del(&acl, identifier))
		{
			perror(maildir);
			exit(1);
		}

		if (maildir_acl_write(&acl, maildir, folder, "owner",
				      &err_failedrights))
		{
			if (err_failedrights)
				fprintf(stderr,
					"Trying to set invalid access"
					" rights for %s\n",
					err_failedrights);
			else
				perror(maildir);
			exit(1);
		}
	}

	if (want_compute)
	{
		maildir_aclt_list acl;
		maildir_aclt computed;
		struct computeinfo ci;

		/* The remaining argv entries are consulted through isme(). */
		ci.argc=argc;
		ci.argv=argv;

		if (argc < 5)
			usage();

		if (maildir_acl_read(&acl, maildir, folder))
		{
			perror(maildir);
			exit(1);
		}

		if (maildir_acl_compute(&computed, &acl, isme, &ci))
		{
			perror(maildir);
			exit(1);
		}

		printf("%s\n", maildir_aclt_ascstr(&computed));
	}

	return 0;
}