View Issue Details

IDProjectCategoryView StatusLast Update
0001358SOGoWeb Preferencespublic2011-07-05 17:19
Reporterbear-cave Assigned Toludovic  
PrioritynormalSeveritymajorReproducibilityalways
Status resolvedResolutionfixed 
Product Version1.3.7a 
Target Version1.3.8Fixed in Version1.3.8 
Summary0001358: Mailbox share ACLs - parse of IMAP GETACL fails if name contains a space
Description

When parsing the result of an IMAP GETACL, the parse fails if the rights user identifier (i.e. user, group) contains a space.

And if a user is reported with explicitly no rights, I suspect the parse should return an empty string '', not the current '""'.

Additional Information

User IDs containing spaces are probably mercifully rare. But in an LDAP world, groups where the key is the group cn are much more likely.

Or, so put it another way, my LDAP directory doesn't have any users with a uid containing a space, but it has several groups where the group cn does. :-)

The attached patch reworks the parsing of the response to a GETACL to handle quoted rights user identifiers. It also looks out for quoted rights. So,
for example, a response

ACL INBOX.Test "$a group" lrs fred ""

gives user '$a group' with rights 'lrs' and user 'fred' with rights ''.

With this patch and Dovecot 2.0 (group ACL handling is buggy in Dovecot 1.2) SOGo correctly displays and manipulates ACLs for groups with a space in the name.

TagsNo tags attached.

Activities

2011-07-04 14:05

 

getacl-parse.patch (2,355 bytes)   
#
# old_revision [555863e57ce13da9beb5913a24acef71207b4ced]
#
# patch "sope-mime/NGImap4/NGImap4ResponseParser.m"
#  from [04deb0701871ae52d976cd1aa30895b7dabb8d0b]
#    to [82702640b6d50ed723e1748c85fcaccdcc0ec2f5]
#
--- sope-mime/NGImap4/NGImap4ResponseParser.m	old
+++ sope-mime/NGImap4/NGImap4ResponseParser.m	new
@@ -1032,41 +1032,44 @@
 - (BOOL)_parseACLResponseIntoHashMap:(NGMutableHashMap *)result_ {
   /*
     21 GETACL INBOX
-    * ACL INBOX test.et.di.cete-lyon lrswipcda helge lrwip
+    * ACL INBOX test.et.di.cete-lyon lrswipcda helge lrwip "a group" lrs fred ""
   */
-  NSString       *acls;
-  NSEnumerator   *enumerator;
-  id             obj;
+  NSString       *uid;
+  NSString       *userRights;
+  NSString       *mailbox;
   NSMutableArray *uids;
   NSMutableArray *rights;
   NSDictionary   *result;
-  int length;
   
   if (!_matchesString(self, "ACL "))
     return NO;
   _consume(self, 4);
   
-  if ((obj = _parseBodyString(self, YES)) != nil)
-    [result_ setObject:obj forKey:@"mailbox"];
+  if ((mailbox = _parseBodyString(self, YES)) != nil)
+    [result_ setObject:mailbox forKey:@"mailbox"];
   _consumeIfMatch(self, ' ');
   
-  acls = _parseUntil(self, '\n');
-  
   uids   = [[NSMutableArray alloc] initWithCapacity:8];
   rights = [[NSMutableArray alloc] initWithCapacity:8];
   
-  enumerator = [[acls componentsSeparatedByString:@" "] objectEnumerator];
-  while ((obj = [enumerator nextObject]) != nil) {
-    if ([obj characterAtIndex: 0] == '"') {
-      length = [obj length];
-      if ([obj characterAtIndex: length - 1] == '"') {
-	obj = [obj substringFromRange: NSMakeRange (1, length - 2)];
-      }
+  while (_la(self, 0) != '\n') {
+    if (_la(self, 0) == '"') {
+      uid = [self _parseQuotedString];
+      _consumeIfMatch(self, ' ');
     }
-    [uids  addObject:obj];
-    obj = [enumerator nextObject];
-    [rights addObject:(obj != nil ? obj : (id)@"")];
+    else
+      uid = _parseUntil(self, ' ' );
+
+    if (_la(self, 0) == '"')
+      userRights = [self _parseQuotedString];
+    else
+      userRights = _parseUntil2(self, ' ', '\n');
+    [self _consumeOptionalSpace];
+
+    [uids addObject:uid];
+    [rights addObject:userRights];
   }
+  _consume(self,1);
   
   result = [[NSDictionary alloc] initWithObjects:rights forKeys:uids];
   [result_ addObject:result forKey:@"acl"];
getacl-parse.patch (2,355 bytes)   
ludovic

ludovic

2011-07-05 17:19

administrator   ~0002656

Fixed: http://mtn.inverse.ca/revision/diff/d7a9be812fd5948a1a2ffc3ca8fae9e68db604b4/with/1709d5be2faef98c81803044c45b8869d94b5083

Thanks for your patch!

Issue History

Date Modified Username Field Change
2011-07-04 14:05 bear-cave New Issue
2011-07-04 14:05 bear-cave File Added: getacl-parse.patch
2011-07-04 20:53 ludovic Target Version => 1.3.8
2011-07-05 17:19 ludovic Note Added: 0002656
2011-07-05 17:19 ludovic Status new => resolved
2011-07-05 17:19 ludovic Fixed in Version => 1.3.8
2011-07-05 17:19 ludovic Resolution open => fixed
2011-07-05 17:19 ludovic Assigned To => ludovic