[dovecot/core] 587cca: acl: Fix checking whether global acl-file has chan...

GitHub noreply at github.com
Sat Oct 7 00:00:11 EEST 2017 

  Branch: refs/heads/master
  Home:   https://github.com/dovecot/core
  Commit: 587cca00ff7ec4980bfa7c069cc65e0e409d2a5f
      https://github.com/dovecot/core/commit/587cca00ff7ec4980bfa7c069cc65e0e409d2a5f
  Author: Timo Sirainen <timo.sirainen at dovecot.fi>
  Date:   2017-10-06 (Fri, 06 Oct 2017)

  Changed paths:
    M src/plugins/acl/acl-global-file.c

  Log Message:
  -----------
  acl: Fix checking whether global acl-file has changed

We always assumed that it was changed and re-read it.


  Commit: f988345bc29ef022ae73f96b3ec841d39c46d30a
      https://github.com/dovecot/core/commit/f988345bc29ef022ae73f96b3ec841d39c46d30a
  Author: Timo Sirainen <timo.sirainen at dovecot.fi>
  Date:   2017-10-06 (Fri, 06 Oct 2017)

  Changed paths:
    M src/plugins/acl/acl-backend-vfile.c

  Log Message:
  -----------
  acl: Cleanup - move code to a new acl_vfile_validity_has_changed()


  Commit: af134287071b6d8a9e12c3f11a50fe9ad824d89a
      https://github.com/dovecot/core/commit/af134287071b6d8a9e12c3f11a50fe9ad824d89a
  Author: Timo Sirainen <timo.sirainen at dovecot.fi>
  Date:   2017-10-06 (Fri, 06 Oct 2017)

  Changed paths:
    M src/plugins/acl/acl-backend-vfile.c
    M src/plugins/acl/acl-global-file.c
    M src/plugins/acl/acl-global-file.h

  Log Message:
  -----------
  acl: Fix checking create (k) permission in global acl-file

Just because the global ACL file hasn't changed since it was last refreshed
for another ACL object, it doesn't mean that those ACLs don't need to be
applied to this ACL object.

This didn't usually cause problems, because the initial ACL object refresh
was always done due to local-path refresh returning "needs a refresh".
The only exception was when acl_object_init_from_parent() was called,
because it added an empty non-NULL validity for the local-path, so the
"needs a refresh" wasn't returned. This happened only when trying to
CREATE or RENAME mailbox under a parent where user didn't have create
permissions.

This affected only when using a single global acl-file, not when using
global acl directory containing per-mailbox files.


Compare: https://github.com/dovecot/core/compare/6781f16b21fb...af134287071b

More information about the dovecot-cvs mailing list