Page MenuHomePhorge
Files F118685664

D145.1775981230.diff
No OneTemporary
Actions

Authored By
Unknown
Size
10 KB
Referenced Files
None
Subscribers
None

D145.1775981230.diff
View Options

diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -1325,44 +1325,8 @@
folderacl_entry_attribute
)
- if not entry[folderacl_entry_attribute] == None:
- # Parse it before assigning it
- entry['kolabfolderaclentry'] = []
- if not isinstance(entry[folderacl_entry_attribute], list):
- entry[folderacl_entry_attribute] = [ entry[folderacl_entry_attribute] ]
-
- for acl_entry in entry[folderacl_entry_attribute]:
- acl_access = acl_entry.split()[-1]
-
- if len(acl_entry.split(', ')) > 1:
- aci_subject = ', '.join(acl_entry.split(', ')[:-1])
- else:
- aci_subject = acl_entry.split()[0]
-
- log.debug(_("Found a subject %r with access %r") % (aci_subject, acl_access), level=8)
-
- access_lookup_dict = {
- 'all': 'lrsedntxakcpiw',
- 'append': 'wip',
- 'full': 'lrswipkxtecdn',
- 'read': 'lrs',
- 'read-only': 'lrs',
- 'read-write': 'lrswitedn',
- 'post': 'p',
- 'semi-full': 'lrswit',
- 'write': 'lrswite',
- }
-
- if access_lookup_dict.has_key(acl_access):
- acl_access = access_lookup_dict[acl_access]
-
- log.debug(_("Found a subject %r with access %r") % (aci_subject, acl_access), level=8)
-
- entry['kolabfolderaclentry'].append("(%r, %r, %r)" % (folder_path, aci_subject, acl_access))
-
if not self.imap.shared_folder_exists(folder_path):
self.imap.shared_folder_create(folder_path, server)
- self.imap.set_acl(folder_path, 'anyone', '')
if entry.has_key('kolabfoldertype') and \
not entry['kolabfoldertype'] == None:
@@ -1372,12 +1336,11 @@
entry['kolabfoldertype']
)
- if entry.has_key('kolabfolderaclentry') and \
- not entry['kolabfolderaclentry'] == None:
+ entry['kolabfolderaclentry'] = self._parse_acl(entry[folderacl_entry_attribute])
- self.imap._set_kolab_mailfolder_acls(
- entry['kolabfolderaclentry']
- )
+ self.imap._set_kolab_mailfolder_acls(
+ entry['kolabfolderaclentry'], folder_path
+ )
if entry.has_key(delivery_address_attribute) and \
not entry[delivery_address_attribute] == None:
@@ -1722,44 +1685,8 @@
folderacl_entry_attribute
)
- if not entry[folderacl_entry_attribute] == None:
- # Parse it before assigning it
- entry['kolabfolderaclentry'] = []
- if not isinstance(entry[folderacl_entry_attribute], list):
- entry[folderacl_entry_attribute] = [ entry[folderacl_entry_attribute] ]
-
- for acl_entry in entry[folderacl_entry_attribute]:
- acl_access = acl_entry.split()[-1]
-
- if len(acl_entry.split(', ')) > 1:
- aci_subject = ', '.join(acl_entry.split(', ')[:-1])
- else:
- aci_subject = acl_entry.split()[0]
-
- log.debug(_("Found a subject %r with access %r") % (aci_subject, acl_access), level=8)
-
- access_lookup_dict = {
- 'all': 'lrsedntxakcpiw',
- 'append': 'wip',
- 'full': 'lrswipkxtecdn',
- 'read': 'lrs',
- 'read-only': 'lrs',
- 'read-write': 'lrswitedn',
- 'post': 'p',
- 'semi-full': 'lrswit',
- 'write': 'lrswite',
- }
-
- if access_lookup_dict.has_key(acl_access):
- acl_access = access_lookup_dict[acl_access]
-
- log.debug(_("Found a subject %r with access %r") % (aci_subject, acl_access), level=8)
-
- entry['kolabfolderaclentry'].append("(%r, %r, %r)" % (folder_path, aci_subject, acl_access))
-
if not self.imap.shared_folder_exists(folder_path):
self.imap.shared_folder_create(folder_path, server)
- self.imap.set_acl(folder_path, 'anyone', '')
if entry.has_key('kolabfoldertype') and \
not entry['kolabfoldertype'] == None:
@@ -1769,12 +1696,11 @@
entry['kolabfoldertype']
)
- if entry.has_key('kolabfolderaclentry') and \
- not entry['kolabfolderaclentry'] == None:
+ entry['kolabfolderaclentry'] = self._parse_acl(entry[folderacl_entry_attribute])
- self.imap._set_kolab_mailfolder_acls(
- entry['kolabfolderaclentry']
- )
+ self.imap._set_kolab_mailfolder_acls(
+ entry['kolabfolderaclentry'], folder_path, True
+ )
if entry.has_key(delivery_address_attribute) and \
not entry[delivery_address_attribute] == None:
@@ -1952,33 +1878,11 @@
entry['kolabfoldertype']
)
- if entry.has_key('kolabfolderaclentry') and \
- not entry['kolabfolderaclentry'] == None:
-
- if isinstance(entry['kolabfolderaclentry'], basestring):
- entry['kolabfolderaclentry'] = [ entry['kolabfolderaclentry'] ]
-
- import copy
- _acls = copy.deepcopy(entry['kolabfolderaclentry'])
- entry['kolabfolderaclentry'] = []
-
- for _entry in _acls:
- if _entry[0] == "(":
- entry['kolabfolderaclentry'].append(_entry)
- continue
-
- s,r = [x.strip() for x in _entry.split(',')]
+ entry['kolabfolderaclentry'] = self._parse_acl(entry['kolabfolderaclentry'])
- entry['kolabfolderaclentry'].append("('%s', '%s', '%s')" % (folder_path, s, r))
-
- self.imap._set_kolab_mailfolder_acls(
- entry['kolabfolderaclentry']
- )
-
- elif entry['kolabfolderaclentry'] in [None,[]]:
- for ace in self.imap.list_acls(folder_path):
- aci_subject = ace.split()[0]
- self.imap.set_acl(folder_path, aci_subject, '')
+ self.imap._set_kolab_mailfolder_acls(
+ entry['kolabfolderaclentry'], folder_path, True
+ )
delivery_address_attribute = self.config_get('sharedfolder_delivery_address_attribute')
if entry.has_key(delivery_address_attribute) and \
@@ -2923,3 +2827,32 @@
continue
return _results
+
+ def _parse_acl(self, acl):
+ """
+ Parse LDAP ACL specification for use in IMAP
+ """
+
+ results = []
+
+ if acl is not None:
+ if not isinstance(acl, list):
+ acl = [ acl ]
+
+ for acl_entry in acl:
+ # entry already converted to IMAP format?
+ if acl_entry[0] == "(":
+ results.append(acl_entry)
+ continue
+
+ acl_access = acl_entry.split()[-1]
+ acl_subject = acl_entry.split(', ')
+
+ if len(acl_subject) > 1:
+ acl_subject = ', '.join(acl_subject[:-1])
+ else:
+ acl_subject = acl_entry.split()[0]
+
+ results.append("(%r, %r)" % (acl_subject, acl_access))
+
+ return results
diff --git a/pykolab/imap/__init__.py b/pykolab/imap/__init__.py
--- a/pykolab/imap/__init__.py
+++ b/pykolab/imap/__init__.py
@@ -816,20 +816,43 @@
else:
return False
- def _set_kolab_mailfolder_acls(self, acls):
+ def _set_kolab_mailfolder_acls(self, acls, folder=None, update=False):
+ # special case, folder has no ACLs assigned and update was requested,
+ # remove all existing ACL entries
+ if update is True and isinstance(acls, list) and len(acls) == 0:
+ acls = self.list_acls(folder)
+ for subject in acls:
+ log.debug(
+ _("Removing ACL rights %s for subject %s on folder " + \
+ "%s") % (acls[subject], subject, folder), level=8)
+ self.set_acl(folder, subject, '')
+
+ return
+
if isinstance(acls, basestring):
acls = [ acls ]
+ old_acls = None
+
for acl in acls:
exec("acl = %s" % (acl))
- folder = acl[0]
- subject = acl[1]
- rights = acl[2]
- if len(acl) == 4:
- epoch = acl[3]
+ subject = acl[0]
+ rights = acl[1]
+ if len(acl) == 3:
+ epoch = acl[2]
else:
epoch = (int)(time.time()) + 3600
+ # update mode, check existing entries
+ if update is True:
+ if old_acls is None:
+ old_acls = self.list_acls(folder)
+ for old_subject in old_acls:
+ old_acls[old_subject] = old_acls[old_subject]
+
+ if subject in old_acls:
+ old_acls[subject] = None
+
if epoch > (int)(time.time()):
log.debug(
_("Setting ACL rights %s for subject %s on folder " + \
@@ -852,6 +875,15 @@
""
)
+ # update mode, unset removed ACL entries
+ if old_acls is not None:
+ for subject in old_acls:
+ if old_acls[subject] is not None:
+ log.debug(
+ _("Removing ACL rights %s for subject %s on folder " + \
+ "%s") % (old_acls[subject], subject, folder), level=8)
+ self.set_acl(folder, subject, '')
+
pass
""" Blah functions """

File Metadata

Mime Type
text/plain
Expires
Sun, Apr 12, 8:07 AM (16 h, 3 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
18849802
Default Alt Text
D145.1775981230.diff (10 KB)

Event Timeline