WIP of RFC 4314 implementation, in order to be able to separate delete message right and delete mailbox right in mail acl dialog

This commit is contained in:
Hadi Nategh 2017-05-11 16:47:31 +02:00
parent ce990f65ae
commit 63e0157baf
3 changed files with 117 additions and 38 deletions

View File

@ -10,6 +10,56 @@
* @version $Id$ * @version $Id$
*/ */
/*
* Reference: RFC 4314 DOCUMENTATION - RIGHTS (https://tools.ietf.org/html/rfc4314)
*
* Standard Rights:
*
* The currently defined standard rights are (note that the list below
* doesn't list all commands that use a particular right):
*
* l - lookup (mailbox is visible to LIST/LSUB commands, SUBSCRIBE mailbox)
* r - read (SELECT the mailbox, perform STATUS)
* s - keep seen/unseen information across sessions (set or clear \SEEN flag
* via STORE, also set \SEEN during APPEND/COPY/ FETCH BODY[...])
* w - write (set or clear flags other than \SEEN and \DELETED via
* STORE, also set them during APPEND/COPY)
* i - insert (perform APPEND, COPY into mailbox)
* p - post (send mail to submission address for mailbox,
* not enforced by IMAP4 itself)
* k - create mailboxes (CREATE new sub-mailboxes in any
* implementation-defined hierarchy, parent mailbox for the new
* mailbox name in RENAME)
* x - delete mailbox (DELETE mailbox, old mailbox name in RENAME)
* t - delete messages (set or clear \DELETED flag via STORE, set
* \DELETED flag during APPEND/COPY)
* e - perform EXPUNGE and expunge as a part of CLOSE
* a - administer (perform SETACL/DELETEACL/GETACL/LISTRIGHTS)
*
*
*
* Obsolete Rights:
*
* Due to ambiguity in RFC 2086, some existing RFC 2086 server
* implementations use the "c" right to control the DELETE command.
* Others chose to use the "d" right to control the DELETE command. For
* the former group, let's define the "create" right as union of the "k"
* and "x" rights, and the "delete" right as union of the "e" and "t"
* rights. For the latter group, let's define the "create" rights as a
* synonym to the "k" right, and the "delete" right as union of the "e",
* "t", and "x" rights.
* For compatibility with RFC 2086, this section defines two virtual
* rights "d" and "c".
* If a client includes the "d" right in a rights list, then it MUST be
* treated as if the client had included every member of the "delete"
* right. (It is not an error for a client to specify both the "d"
* right and one or more members of the "delete" right, but the effect
* is no different than if just the "d" right or all members of the
* "delete" right had been specified.)
*
*/
use EGroupware\Api; use EGroupware\Api;
use EGroupware\Api\Framework; use EGroupware\Api\Framework;
use EGroupware\Api\Etemplate; use EGroupware\Api\Etemplate;

View File

@ -62,7 +62,7 @@ app.classes.mail = AppJS.extend(
* @array * @array
* *
*/ */
aclRights:['l','r','s','w','i','p','c','d','a'], aclRights:['l','r','s','w','i','p','c','d','k','x','t','e','a'],
/** /**
* In order to store Intervals assigned to window * In order to store Intervals assigned to window
@ -3920,6 +3920,11 @@ app.classes.mail = AppJS.extend(
{ {
var rightsWidget = this.et2.getWidgetById(rowId+'[acl_' + this.aclRights[i]+ ']'); var rightsWidget = this.et2.getWidgetById(rowId+'[acl_' + this.aclRights[i]+ ']');
rightsWidget.set_value((jQuery.inArray(this.aclRights[i],rights) != -1 )?true:false); rightsWidget.set_value((jQuery.inArray(this.aclRights[i],rights) != -1 )?true:false);
if ((rights.indexOf('c') == -1 && ['k','x'].indexOf(this.aclRights[i]) > -1)
|| (rights.indexOf('d') == -1 && ['e','x','t'].indexOf(this.aclRights[i]) > -1 ))
{
rightsWidget.set_readonly(false);
}
} }
} }
}, },
@ -3934,35 +3939,47 @@ app.classes.mail = AppJS.extend(
*/ */
acl_common_rights: function(event, widget) acl_common_rights: function(event, widget)
{ {
var rowId = widget.id.replace(/[^0-9.]+/g, ''); var rowId = widget.id.replace(/[^0-9.]+/g, '');
var aclCommonWidget = this.et2.getWidgetById(rowId + '[acl]'); var aclCommonWidget = this.et2.getWidgetById(rowId + '[acl]');
var rights = ''; var rights = '';
var selectedBox = widget.id;
var virtualDelete = ['e','t','x'];
var virtualCreate = ['k','x'];
for (var i=0;i<this.aclRights.length;i++) for (var i=0;i<this.aclRights.length;i++)
{ {
var rightsWidget = this.et2.getWidgetById(rowId+'[acl_' + this.aclRights[i]+ ']'); var rightsWidget = this.et2.getWidgetById(rowId+'[acl_' + this.aclRights[i]+ ']');
if (rightsWidget.get_value() == "true") if (selectedBox == rowId+'[acl_c]' && virtualCreate.indexOf(this.aclRights[i])>-1)
rights += this.aclRights[i]; {
rightsWidget.set_value(false);
rightsWidget.set_readonly(widget.get_value() == "true" ? true:false);
}
if (selectedBox == rowId+'[acl_d]' && virtualDelete.indexOf(this.aclRights[i])>-1)
{
rightsWidget.set_value(false);
rightsWidget.set_readonly(widget.get_value() == "true" ? true:false);
}
if (rightsWidget.get_value() == "true")
rights += this.aclRights[i];
}
} for (var i=0;i<this.aclCommonRights.length;i++)
{
for (var i=0;i<this.aclCommonRights.length;i++) if (rights.split("").sort().toString() == this.aclCommonRights[i].split("").sort().toString())
{ rights = this.aclCommonRights[i];
if (rights.split("").sort().toString() == this.aclCommonRights[i].split("").sort().toString()) }
rights = this.aclCommonRights[i]; if (jQuery.inArray(rights,this.aclCommonRights ) == -1 && rights !='lrswipcda')
} {
if (jQuery.inArray(rights,this.aclCommonRights ) == -1 && rights !='lrswipcda') aclCommonWidget.set_value('custom');
{ }
aclCommonWidget.set_value('custom'); else if (rights =='lrswipcda')
} {
else if (rights =='lrswipcda') aclCommonWidget.set_value('aeiklprstwx');
{ }
aclCommonWidget.set_value('aeiklprstwx'); else
} {
else aclCommonWidget.set_value(rights);
{ }
aclCommonWidget.set_value(rights);
}
}, },
/** /**

View File

@ -33,21 +33,29 @@
<column/> <column/>
<column/> <column/>
<column/> <column/>
<column/>
<column/>
<column/>
<column/>
</columns> </columns>
<rows> <rows>
<row class="th"> <row class="th">
<description value="Name"/> <description value="Name"/>
<description value="Common ACL"/> <description value="Common ACL"/>
<description align="center" value="L"/> <description align="center" statustext="Lookup (mailbox is visible to LIST/LSUB commands, SUBSCRIBE mailbox)" value="L"/>
<description align="center" value="R"/> <description align="center" statustext="Read (SELECT the mailbox, perform STATUS)" value="R"/>
<description align="center" value="S"/> <description align="center" statustext="Keep seen/unseen information across sessions (set or clear \SEEN flag via STORE, also set \SEEN during APPEND/COPY/ FETCH BODY[...])" value="S"/>
<description align="center" value="W"/> <description align="center" statustext="Write (set or clear flags other than \SEEN and \DELETED via STORE, also set them during APPEND/COPY)" value="W"/>
<description align="center" value="I"/> <description align="center" statustext="Insert (perform APPEND, COPY into mailbox)" value="I"/>
<description align="center" value="P"/> <description align="center" statustext="Post (send mail to submission address for mailbox, not enforced by IMAP4 itself)" value="P"/>
<description align="center" value="C"/> <description align="center" statustext="Obsolet create right, combination rights of K and X" value="C"/>
<description align="center" value="D"/> <description align="center" statustext="Obsolete delete right, combination rights of E, T and X" value="D"/>
<description align="center" value="A"/> <description align="center" statustext="Create mailboxes (CREATE new sub-mailboxes in any implementation-defined hierarchy, parent mailbox for the new mailb" value="K"/>
<description align="center" value="Recursively"/> <description align="center" statustext="Delete mailbox (DELETE mailbox, old mailbox name in RENAME)" value="X"/>
<description align="center" statustext="Delete messages (set or clear \DELETED flag via STORE, set \DELETED flag during APPEND/COPY)" value="T"/>
<description align="center" statustext="Perform EXPUNGE and expunge as a part of CLOSE" value="E"/>
<description align="center" statustext="Administer (perform SETACL/DELETEACL/GETACL/LISTRIGHTS)" value="A"/>
<description align="center" statustext="Apply rights recursively to sub-folders" value="Recursively"/>
<description value="Action"/> <description value="Action"/>
</row> </row>
<row class="row"> <row class="row">
@ -63,6 +71,10 @@
<checkbox align="center" id="${row}[acl_p]" onchange="app.mail.acl_common_rights"/> <checkbox align="center" id="${row}[acl_p]" onchange="app.mail.acl_common_rights"/>
<checkbox align="center" id="${row}[acl_c]" onchange="app.mail.acl_common_rights"/> <checkbox align="center" id="${row}[acl_c]" onchange="app.mail.acl_common_rights"/>
<checkbox align="center" id="${row}[acl_d]" onchange="app.mail.acl_common_rights"/> <checkbox align="center" id="${row}[acl_d]" onchange="app.mail.acl_common_rights"/>
<checkbox align="center" id="${row}[acl_k]" onchange="app.mail.acl_common_rights"/>
<checkbox align="center" id="${row}[acl_x]" onchange="app.mail.acl_common_rights"/>
<checkbox align="center" id="${row}[acl_t]" onchange="app.mail.acl_common_rights"/>
<checkbox align="center" id="${row}[acl_e]" onchange="app.mail.acl_common_rights"/>
<checkbox align="center" id="${row}[acl_a]" onchange="app.mail.acl_common_rights"/> <checkbox align="center" id="${row}[acl_a]" onchange="app.mail.acl_common_rights"/>
<checkbox align="center" id="${row}[acl_recursive]"/> <checkbox align="center" id="${row}[acl_recursive]"/>
<hbox orient=",0,0"> <hbox orient=",0,0">