Back to index

courier  0.68.2
Defines | Functions | Variables
acl.c File Reference
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <ctype.h>
#include <fcntl.h>
#include <errno.h>
#include <courierauth.h>
#include "config.h"
#include "sqwebmail.h"
#include "maildir.h"
#include "cgi/cgi.h"
#include "pref.h"
#include "sqconfig.h"
#include "auth.h"
#include "acl.h"
#include "maildir/maildirquota.h"
#include "maildir/maildirrequota.h"
#include "maildir/maildirgetquota.h"
#include "maildir/maildirmisc.h"
#include "maildir/maildircreate.h"
#include "maildir/maildirwatch.h"
#include "unicode/unicode.h"
#include "htmllibdir.h"
#include <sys/types.h>
#include <sys/stat.h>
#include "strftime.h"

Go to the source code of this file.

Defines

#define dirent   direct
#define NAMLEN(dirent)   ((dirent)->d_namlen)

Functions

void output_urlencoded (const char *p)
void output_attrencoded (const char *p)
void output_scriptptrget ()
void output_scriptptr ()
void output_scriptptrpostinfo ()
int maildir_info_suppress (const char *maildir)
const char * maildir_shared_index_file ()
int acl_read (maildir_aclt_list *l, const char *folder, char **owner)
int acl_read2 (maildir_aclt_list *l, struct maildir_info *minfo, char **owner)
void acl_computeRightsOnFolder (const char *folder, char *rights)
void acl_computeRights (maildir_aclt_list *l, char *rights, const char *owner)
static void showrights (const char *buf)
static void doupdate ()
void listrights ()
static void p_ident_name (const char *identifier)
static int getacl_cb (const char *identifier, const maildir_aclt *acl, void *dummy)
void getacl ()

Variables

const char * sqwebmail_folder
dev_t sqwebmail_homedir_dev
ino_t sqwebmail_homedir_ino
const char * sqwebmail_content_charset
int verify_shared_index_file = 0

Define Documentation

#define dirent   direct

Definition at line 41 of file acl.c.

#define NAMLEN (   dirent)    ((dirent)->d_namlen)

Definition at line 42 of file acl.c.


Function Documentation

void acl_computeRights ( maildir_aclt_list l,
char *  rights,
const char *  owner 
)

Definition at line 209 of file acl.c.

{
       char *p, *q;

       maildir_aclt a;

       if (maildir_acl_computerights(&a, l, login_returnaddr(), owner) < 0)
       {
              *rights=0;
              return;
       }

       for (p=q=rights; *p; p++)
       {
              if (strchr(maildir_aclt_ascstr(&a), *p))
                     *q++ = *p;
       }
       *q=0;
       maildir_aclt_destroy(&a);
}

Here is the call graph for this function:

Here is the caller graph for this function:

void acl_computeRightsOnFolder ( const char *  folder,
char *  rights 
)

Definition at line 193 of file acl.c.

{
       maildir_aclt_list l;
       char *owner;

       if (acl_read(&l, folder, &owner) < 0)
       {
              *rights=0;
              return;
       }
       acl_computeRights(&l, rights, owner);
       if (owner)
              free(owner);
       maildir_aclt_list_destroy(&l);
}

Here is the call graph for this function:

Here is the caller graph for this function:

int acl_read ( maildir_aclt_list l,
const char *  folder,
char **  owner 
)

Definition at line 132 of file acl.c.

{
       struct maildir_info minfo;
       int rc;

       if (maildir_info_imap_find(&minfo, folder,
                               login_returnaddr())<0)
       {
              return -1;
       }

       rc=acl_read2(l, &minfo, owner);
       maildir_info_destroy(&minfo);
       return rc;
}

Here is the call graph for this function:

Here is the caller graph for this function:

int acl_read2 ( maildir_aclt_list l,
struct maildir_info minfo,
char **  owner 
)

Definition at line 149 of file acl.c.

{
       int rc;
       char *p;

       if (minfo->mailbox_type == MAILBOXTYPE_OLDSHARED)
       {
              /* Legacy shared., punt. */

              maildir_aclt_list_init(l);
              if (maildir_aclt_list_add(l, "anyone",
                                     ACL_LOOKUP ACL_READ
                                     ACL_SEEN ACL_WRITE
                                     ACL_INSERT
                                     ACL_DELETEMSGS ACL_EXPUNGE, NULL) < 0
                  || (*owner=strdup("vendor=courier.internal")) == NULL)
              {
                     maildir_aclt_list_destroy(l);
                     return -1;
              }
              return 0;
       }

       if (minfo->homedir == NULL || minfo->maildir == NULL)
              return -1;

       p=maildir_name2dir(".", minfo->maildir);

       if (!p)
              return -1;

       rc=maildir_acl_read(l, minfo->homedir,
                         strncmp(p, "./", 2) == 0 ? p+2:p);
       free(p);
       if (owner && rc == 0)
       {
              *owner=minfo->owner;
              minfo->owner=NULL;
       }
       return rc;
}

Here is the call graph for this function:

Here is the caller graph for this function:

static void doupdate ( ) [static]

Definition at line 334 of file acl.c.

{
       maildir_aclt_list l;
       char *owner;
       char buf[2];
       char *p;
       struct maildir_info minfo;

       if (maildir_info_imap_find(&minfo, sqwebmail_folder,
                               login_returnaddr()) < 0)
              return;

       if (acl_read2(&l, &minfo, &owner) < 0)
       {
              maildir_info_destroy(&minfo);
              return;
       }

       strcpy(buf, ACL_ADMINISTER);
       acl_computeRights(&l, buf, owner);
       if (!*buf)
       {
              if (owner)
                     free(owner);
              maildir_aclt_list_destroy(&l);
              maildir_info_destroy(&minfo);
              return;
       }

       if (*cgi("delentity"))
       {
              if (maildir_aclt_list_del(&l, cgi("delentity")))
                     printf("%s", getarg("ACL_failed"));
       }

       if (*cgi("do.update"))
       {
              char *entity=NULL;
              const char *p;
              char new_acl[40];

              p=cgi("entitytype");

              if (strcmp(p, "anonymous") == 0 ||
                  strcmp(p, "owner") == 0)
                     entity=strdup(p);
              else if (strcmp(p, "user") == 0)
              {
                     p=cgi("entity");

                     if (*p)
                     {
                            entity=malloc(sizeof("user=")+strlen(p));
                            if (entity)
                                   strcat(strcpy(entity, "user="), p);
                     }
              }
              else if (strcmp(p, "group") == 0)
              {
                     p=cgi("entity");

                     if (*p)
                     {
                            entity=malloc(sizeof("group=")+strlen(p));
                            if (entity)
                                   strcat(strcpy(entity, "group="), p);
                     }
              }
              else
              {
                     entity=strdup(cgi("entity"));
              }

              if (*cgi("negate") == '-' && entity)
              {
                     char *p=malloc(strlen(entity)+2);

                     if (p)
                            strcat(strcpy(p, "-"), entity);
                     free(entity);
                     entity=p;
              }

              if (entity)
              {
                     char *val=
                            libmail_u_convert_toutf8(entity,
                                                  sqwebmail_content_charset,
                                                  NULL);


                     if (val)
                     {
                            free(entity);
                            entity=val;
                     }
              }
              p=getarg("ACL_all");

              new_acl[0]=0;

              while (*p && strlen(new_acl) < sizeof(new_acl)-2)
              {
                     char b[40];

                     sprintf(b, "acl_%c", *p);

                     if (*cgi(b))
                     {
                            b[0]=*p;
                            b[1]=0;
                            strcat(new_acl, b);
                     }
                     ++p;
              }

              if (!entity || !*entity ||
                  maildir_aclt_list_add(&l, entity, new_acl, NULL) < 0)
                     printf("%s", getarg("ACL_failed"));

              if (entity)
                     free(entity);
       }

       p=maildir_name2dir(".", minfo.maildir);

       if (p)
       {
              const char *err_ident;

              if (maildir_acl_write(&l, minfo.homedir,
                                  strncmp(p, "./", 2) == 0 ? p+2:p,
                                  owner, &err_ident))
                     printf("%s", getarg("ACL_failed"));
              free(p);
       }

       if (owner)
              free(owner);
       maildir_aclt_list_destroy(&l);
       maildir_info_destroy(&minfo);
}

Here is the call graph for this function:

Here is the caller graph for this function:

void getacl ( )

Definition at line 517 of file acl.c.

{
       maildir_aclt_list l;
       char buf[2];
       char *owner;
       const char *a;
       const char *editentity=cgi("editentity");
       const char *editaccess=cgi("editaccess");

       const char *entitytype="";
       const char *entityval="";
       int negate=0;

       if (acl_read(&l, sqwebmail_folder, &owner) < 0)
       {
              printf("%s", getarg("ACL_noaccess"));
              return;
       }
       strcpy(buf, ACL_ADMINISTER);
       acl_computeRights(&l, buf, owner);
       if (owner)
              free(owner);

       if (buf[0] == 0)
       {
              maildir_aclt_list_destroy(&l);
              return;
       }

       printf("<form method=\"post\" name=\"form1\" action=\"");
       output_scriptptr();
       printf("\">");
       output_scriptptrpostinfo();
       printf("<input type=\"hidden\" name=\"update\" value=\"1\" />\n"
              "<input type=\"hidden\" name=\"form\" value=\"acl\" />\n");
       printf("<table class=\"folder-acl-list\"><tbody>"
              "<tr><th align=\"left\">%s</th><th align=\"left\">%s</th></tr>\n",
              getarg("ENTITY"),
              getarg("ACCESSRIGHTS"));

       maildir_aclt_list_enum(&l, getacl_cb, NULL);

       if (*editentity == '-')
       {
              ++editentity;
              negate=1;
       }

       if (*editentity)
       {
              if (strncmp(editentity, "user=", 5) == 0)
              {
                     entitytype="user";
                     entityval=editentity+5;
              }
              else if (strncmp(editentity, "group=", 6) == 0)
              {
                     entitytype="group";
                     entityval=editentity+6;
              }
              else if (strcmp(editentity, "owner") == 0 ||
                      strcmp(editentity, "anonymous") == 0)
              {
                     entitytype=editentity;
              }
              else
              {
                     entitytype="other";
                     entityval=editentity;
              }
       }

       printf("<tr><td colspan=\"2\"><hr width=\"90%%\" />");
       printf("<table><tbody>\n");
       printf("<tr><th colspan=\"2\" align=\"left\">%s</th></tr>\n",
              getarg("UPDATEHDR"));
       printf("<tr align=\"top\"><td>"
              "<select name=\"negate\" id=\"negate\">\n"
              "<option value=\"\" > </option>\n"
              "<option value=\"-\" %s>-</option>\n"
              "</select>\n"
              "<select name=\"entitytype\" id=\"entitytype\" "
              "onchange=\"javascript:updent()\" >\n"
              "<option value=\"user\" %s >%s</option>\n"
              "<option value=\"group\" %s >%s</option>\n"
              "<option value=\"owner\" %s >%s</option>\n"
              "<option value=\"anonymous\" %s >%s</option>\n"
              "<option value=\"administrators\" %s >%s</option>\n"
              "<option value=\"other\" %s >%s</option>\n"
              "</select><input type=\"text\" name=\"entity\" "
              " id=\"entity\" value=\"",
              negate ? "selected=\"selected\"":"",
              strcmp(entitytype, "user") == 0 ? "selected=\"selected\"":"",
              getarg("USER"),

              strcmp(entitytype, "group") == 0 ? "selected=\"selected\"":"",
              getarg("GROUP"),

              strcmp(entitytype, "owner") == 0 ? "selected=\"selected\"":"",
              getarg("OWNER"),

              strcmp(entitytype, "anonymous") == 0 ? "selected=\"selected\"":"",
              getarg("ANONYMOUS"),

              strcmp(entitytype, "administrators") == 0 ? "selected=\"selected\"":"",
              getarg("ADMINISTRATORS"),

              strcmp(entitytype, "other") == 0 ? "selected=\"selected\"":"",
              getarg("OTHER"));

       p_ident_name(entityval);

       printf("\"/></td><td><table><tbody>");

       a=getarg("ACL_all");

       while (*a)
       {
              char buf2[40];

              sprintf(buf2, "ACL_%c", *a);

              printf("<tr><td><input type=\"checkbox\" name=\"acl_%c\" "
                     "id=\"acl_%c\" %s />"
                     "</td><td>%s</td></tr>\n",
                     *a, *a,
                     strchr(editaccess, *a) ? "checked=\"checked\"":"",
                     getarg(buf2));
              ++a;
       }

       printf("</tbody></table></td></tr>\n"
              "<tr><td>&nbsp;</td>"
              "<td><input type=\"submit\" name=\"do.update\" value=\"%s\" />"
              "</td>"
              "</table></tbody></td></tr>\n",
              getarg("UPDATE"));

       printf("</tbody></table></form>\n");
}

Here is the call graph for this function:

static int getacl_cb ( const char *  identifier,
const maildir_aclt acl,
void *  dummy 
) [static]

Definition at line 493 of file acl.c.

{
       printf("<tr><td>");
       p_ident_name(identifier);
       printf("</td><td>");
       showrights(maildir_aclt_ascstr(acl));



       printf("<span class=\"folder-acl-list-action\">&nbsp;(<a href=\"");
       output_scriptptrget();
       printf("&amp;form=acl&amp;editentity=");
       output_urlencoded(identifier);
       printf("&amp;editaccess=");
       output_urlencoded(maildir_aclt_ascstr(acl));
       printf("\">%s</a>)&nbsp;(<a href=\"", getarg("EDIT"));
       output_scriptptrget();
       printf("&amp;form=acl&amp;delentity=");
       output_urlencoded(identifier);
       printf("\">%s</a>)</td></tr>\n", getarg("DELETE"));
       return 0;
}

Here is the call graph for this function:

Here is the caller graph for this function:

void listrights ( )

Definition at line 260 of file acl.c.

{
       maildir_aclt_list l;
       char buf[40];
       char *owner;

       if (*cgi("do.update") || *cgi("delentity"))
       {
              struct maildir_info minfo;

              if (maildir_info_imap_find(&minfo, sqwebmail_folder,
                                      login_returnaddr()) == 0)
              {
                     if (minfo.homedir)
                     {
                            struct maildirwatch *w;
                            char *lock;
                            int tryanyway;

                            w=maildirwatch_alloc(minfo.homedir);

                            if (!w)
                            {
                                   maildir_info_destroy(&minfo);
                                   enomem();
                                   return;
                            }

                            lock=maildir_lock(minfo.homedir, w,
                                            &tryanyway);

                            maildir_info_destroy(&minfo);

                            if (lock == NULL)
                            {
                                   if (!tryanyway)
                                   {
                                          printf("%s",
                                                 getarg("ACL_noaccess"));
                                          return;
                                   }
                            }
                            doupdate();
                            if (lock)
                            {
                                   unlink(lock);
                                   free(lock);
                            }
                            maildirwatch_free(w);
                     }
              }
       }

       if (acl_read(&l, sqwebmail_folder, &owner) < 0)
       {
              printf("%s", getarg("ACL_cantread"));
              return;
       }
       buf[0]=0;
       strncat(buf, getarg("ACL_all"), sizeof(buf)-2);
       acl_computeRights(&l, buf, owner);
       maildir_aclt_list_destroy(&l);
       if (owner)
              free(owner);

       if (!maildir_acl_canlistrights(buf))
       {
              printf("%s", getarg("ACL_cantread"));
              return;
       }

       showrights(buf);
}

Here is the call graph for this function:

Here is the caller graph for this function:

int maildir_info_suppress ( const char *  maildir)

Definition at line 80 of file acl.c.

{
       struct stat stat_buf;

       if (stat(maildir, &stat_buf) < 0 ||

           (stat_buf.st_dev == sqwebmail_homedir_dev &&
            stat_buf.st_ino == sqwebmail_homedir_ino))
              return 1;
       return 0;
}
const char* maildir_shared_index_file ( )

Definition at line 92 of file acl.c.

{
       static char *filenamep=NULL;

       if (filenamep == NULL)
       {
              const char *p=getenv("SQWEBMAIL_SHAREDINDEXFILE");

              if (!p || !*p)
                     p=SHAREDINDEXFILE;

              if (p && *p)
              {
                     const char *q=auth_getoptionenv("sharedgroup");

                     if (!q) q="";

                     filenamep=malloc(strlen(p)+strlen(q)+1);

                     if (!filenamep)
                            enomem();

                     strcat(strcpy(filenamep, p), q);
              }
       }

       if (filenamep && verify_shared_index_file)
       {
              struct stat stat_buf;

              if (stat(filenamep, &stat_buf))
              {
                     fprintf(stderr, "ERR: ");
                     perror(filenamep);
              }
       }

       return filenamep;
}

Here is the call graph for this function:

void output_attrencoded ( const char *  p)

Definition at line 259 of file sqwebmail.c.

{
       output_attrencoded_fp(p, stdout);
}

Here is the caller graph for this function:

void output_scriptptr ( )

Definition at line 312 of file sqwebmail.c.

{
const  char *p=nonloginscriptptr();

       printf("%s", p);
       if (sqwebmail_mailboxid)
       {
       char   *q=cgiurlencode(sqwebmail_mailboxid);
       char   buf[NUMBUFSIZE];

              printf("/login/%s/%s/%s", q,
                     sqwebmail_sessiontoken ?  sqwebmail_sessiontoken:" ",
                     libmail_str_time_t(login_time, buf));
              free(q);
       }
}

Here is the caller graph for this function:

Definition at line 384 of file sqwebmail.c.

{
char   *p=scriptptrget();

       printf("%s", p);
       free(p);
       return;
}

Here is the caller graph for this function:

Definition at line 393 of file sqwebmail.c.

{
       if (sqwebmail_folder)
       {
              printf("<input type=\"hidden\" name=\"folder\" value=\"");
              output_attrencoded(sqwebmail_folder);
              printf("\" />");
       }

       if (*cgi("folderdir"))      /* In folders.html */
       {
              printf("<input type=\"hidden\" name=\"folderdir\" value=\"");
              output_attrencoded(cgi("folderdir"));
              printf("\" />");
       }
}

Here is the caller graph for this function:

void output_urlencoded ( const char *  p)

Definition at line 279 of file sqwebmail.c.

{
char   *q=cgiurlencode(p);

       printf("%s", q);
       free(q);
}

Here is the caller graph for this function:

static void p_ident_name ( const char *  identifier) [static]

Definition at line 477 of file acl.c.

{
       char *val=libmail_u_convert_fromutf8(identifier,
                                        sqwebmail_content_charset,
                                        NULL);

       if (val)
       {
              output_attrencoded(val);
              free(val);
              return;
       }

       output_attrencoded(identifier);
}

Here is the call graph for this function:

Here is the caller graph for this function:

static void showrights ( const char *  buf) [static]

Definition at line 231 of file acl.c.

{
       size_t i;
       char buf2[40];

       for (i=0; buf[i]; i++)
       {
              const char *p;

              if (i)
                     printf(", ");

              sprintf(buf2, "ACL_%c", buf[i]);

              p=getarg(buf2);
              if (p && *p)
                     printf("%s", p);
              else
              {
                     buf2[0]=buf[i];
                     buf2[1]=0;

                     printf(getarg("ACL_unknown"), buf2);
              }
       }
}

Here is the call graph for this function:

Here is the caller graph for this function:


Variable Documentation

Definition at line 39 of file gpg.c.

const char* sqwebmail_folder

Definition at line 106 of file sqwebmail.c.

Definition at line 131 of file sqwebmail.c.

Definition at line 132 of file sqwebmail.c.

Definition at line 78 of file acl.c.