5 commits - pykolab/auth pykolab/cli pykolab/plugins

Jeroen van Meeuwen vanmeeuwen at kolabsys.com
Wed Jan 30 15:32:31 CET 2013


 pykolab/auth/ldap/__init__.py         |  153 +++++++++++++++++++++++++++++++++-
 pykolab/cli/sieve/cmd_refresh.py      |    1 
 pykolab/plugins/sievemgmt/__init__.py |    1 
 3 files changed, 154 insertions(+), 1 deletion(-)

New commits:
commit 6e4ec59549461c2a333ec032ed8ee1238de75347
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Wed Jan 30 14:31:52 2013 +0000

    Ensure an attribute obtained is case-insensitive when we look it up

diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index e7da7ec..16c0688 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -281,6 +281,8 @@ class LDAP(pykolab.base.Base):
 
         if entry_attrs.has_key(attribute):
             return entry_attrs[attribute]
+        elif entry_attrs.has_key(attribute.lower()):
+            return entry_attrs[attribute.lower()]
         else:
             return None
 


commit 2f765b856551925ad1ee317e85a6fc257874f956
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Mon Jan 28 01:32:34 2013 +0000

    Resolve redirect not being a terminal action - need stop on not keeping a copy (#1588)

diff --git a/pykolab/cli/sieve/cmd_refresh.py b/pykolab/cli/sieve/cmd_refresh.py
index f672410..87af982 100644
--- a/pykolab/cli/sieve/cmd_refresh.py
+++ b/pykolab/cli/sieve/cmd_refresh.py
@@ -338,6 +338,7 @@ def execute(*args, **kw):
                 rule_name = 'forward'
 
             forward_rules.append(("redirect", forward_addresses[-1]))
+            forward_rules.append(("stop"))
 
         if forward_uce:
             mgmt_script.addfilter(rule_name, ['true'], forward_rules)
diff --git a/pykolab/plugins/sievemgmt/__init__.py b/pykolab/plugins/sievemgmt/__init__.py
index df4720c..6395f2f 100644
--- a/pykolab/plugins/sievemgmt/__init__.py
+++ b/pykolab/plugins/sievemgmt/__init__.py
@@ -350,6 +350,7 @@ class KolabSievemgmt(object):
                     rule_name = 'forward'
 
                 forward_rules.append(("redirect", forward_addresses[-1]))
+                forward_rules.append(("stop"))
 
             if forward_uce:
                 mgmt_script.addfilter(rule_name, ['true'], forward_rules)


commit dff2be70f952637d0ad0a5941ba5dabdd47b53f3
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Sun Jan 27 14:36:50 2013 +0000

    Correct the other call to modify ACL entries on IMAP folders from LDAP

diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index 79b3d86..e7da7ec 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -1451,8 +1451,7 @@ class LDAP(pykolab.base.Base):
                 not entry['kolabmailfolderaclentry'] == None:
 
             self.imap._set_kolab_mailfolder_acls(
-                    entry['kolabmailfolderaclentry'],
-                    folder=folder_path
+                    entry['kolabmailfolderaclentry']
                 )
 
         #if server == None:


commit fdce13bf7f80addee7293eccfc413c6769066706
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Sun Jan 27 14:34:07 2013 +0000

    Correct keywords to call of setting acl entries on IMAP folders from LDAP

diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index ac4f86c..79b3d86 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -1116,8 +1116,7 @@ class LDAP(pykolab.base.Base):
                 not entry['kolabmailfolderaclentry'] == None:
 
             self.imap._set_kolab_mailfolder_acls(
-                    entry['kolabmailfolderaclentry'],
-                    folder=folder_path
+                    entry['kolabmailfolderaclentry']
                 )
 
         #if server == None:


commit 7f13684d4057adfe7f2d2b994866382af81d2667
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Sun Jan 27 13:22:18 2013 +0000

    Make sure a shared folder, at a very minimum, includes 'p' rights for anyone
    Handle changes to shared folders as well

diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index 39e9c89..ac4f86c 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -1073,6 +1073,22 @@ class LDAP(pykolab.base.Base):
                 for acl_entry in entry[folderacl_entry_attribute]:
                     acl_access = acl_entry.split()[-1]
                     aci_subject = ' '.join(acl_entry.split()[:-1])
+
+                    log.debug(_("Found a subject %r with access %r") % (aci_subject, acl_access), level=8)
+
+                    access_lookup_dict = {
+                            'read': 'lrs',
+                            'post': 'p',
+                            'append': 'wip',
+                            'write': 'lrswite',
+                            'all': 'lrsedntxakcpiw'
+                        }
+
+                    if access_lookup_dict.has_key(acl_access):
+                        acl_access = access_lookup_dict[acl_access]
+
+                    log.debug(_("Found a subject %r with access %r") % (aci_subject, acl_access), level=8)
+
                     entry['kolabmailfolderaclentry'].append("(%r, %r, %r)" % (folder_path, aci_subject, acl_access))
 
         if not entry.has_key('kolabmailfolderaclentry'):
@@ -1092,11 +1108,16 @@ class LDAP(pykolab.base.Base):
                     entry['kolabfoldertype']
                 )
 
+        if entry.has_key(delivery_address_attribute) and \
+                not entry[delivery_address_attribute] == None:
+            self.imap.set_acl(folder_path, 'anyone', 'p')
+
         if entry.has_key('kolabmailfolderaclentry') and \
                 not entry['kolabmailfolderaclentry'] == None:
 
             self.imap._set_kolab_mailfolder_acls(
-                    entry['kolabmailfolderaclentry']
+                    entry['kolabmailfolderaclentry'],
+                    folder=folder_path
                 )
 
         #if server == None:
@@ -1306,7 +1327,137 @@ class LDAP(pykolab.base.Base):
         pass
 
     def _change_modify_sharedfolder(self, entry, change):
-        pass
+        """
+            A shared folder was modified.
+        """
+        self.imap.connect(domain=self.domain)
+
+        server = None
+
+        # Get some configuration values
+        mailserver_attribute = self.config_get('mailserver_attribute')
+        if entry.has_key(mailserver_attribute):
+            server = entry[mailserver_attribute]
+
+        foldertype_attribute = self.config_get('sharedfolder_type_attribute')
+        if not foldertype_attribute == None:
+            if not entry.has_key(foldertype_attribute):
+                entry[foldertype_attribute] = self.get_user_attribute(
+                        entry['id'],
+                        foldertype_attribute
+                    )
+
+            if not entry[foldertype_attribute] == None:
+                entry['kolabfoldertype'] = entry[foldertype_attribute]
+
+        if not entry.has_key('kolabfoldertype'):
+            entry['kolabfoldertype'] = self.get_entry_attribute(
+                    entry['id'],
+                    'kolabfoldertype'
+                )
+
+        # A delivery address is postuser+targetfolder
+        delivery_address_attribute = self.config_get('sharedfolder_delivery_address_attribute')
+        if not delivery_address_attribute == None:
+            if not entry.has_key(delivery_address_attribute):
+                entry[delivery_address_attribute] = self.get_entry_attribute(
+                        entry['id'],
+                        delivery_address_attribute
+                    )
+
+            if not entry[delivery_address_attribute] == None:
+                if len(entry[delivery_address_attribute].split('+')) > 1:
+                    entry['kolabtargetfolder'] = entry[delivery_address_attribute].split('+')[1]
+
+        if not entry.has_key('kolabtargetfolder'):
+            entry['kolabtargetfolder'] = self.get_entry_attribute(
+                    entry['id'],
+                    'kolabtargetfolder'
+                )
+
+        if entry.has_key('kolabtargetfolder') and \
+                not entry['kolabtargetfolder'] == None:
+
+            folder_path = entry['kolabtargetfolder']
+        else:
+            # TODO: What is *the* way to see if we need to create an @domain
+            # shared mailbox?
+            # TODO^2: self.domain, really? Presumes any mail attribute is
+            # set to the primary domain name space...
+            # TODO^3: Test if the cn is already something at domain
+            result_attribute = conf.get('cyrus-sasl', 'result_attribute')
+            if result_attribute in ['mail']:
+                folder_path = "%s@%s" % (entry['cn'], self.domain)
+            else:
+                folder_path = entry['cn']
+
+        folderacl_entry_attribute = self.config_get('sharedfolder_acl_entry_attribute')
+
+        if not folderacl_entry_attribute == None:
+            if not entry.has_key(folderacl_entry_attribute):
+                entry[folderacl_entry_attribute] = self.get_entry_attribute(
+                        entry['id'],
+                        folderacl_entry_attribute
+                    )
+
+            if not entry[folderacl_entry_attribute] == None:
+                # Parse it before assigning it
+                entry['kolabmailfolderaclentry'] = []
+                if not isinstance(entry[folderacl_entry_attribute], list):
+                    entry[folderacl_entry_attribute] = [ entry[folderacl_entry_attribute] ]
+
+                for acl_entry in entry[folderacl_entry_attribute]:
+                    acl_access = acl_entry.split()[-1]
+                    aci_subject = ' '.join(acl_entry.split()[:-1])
+
+                    log.debug(_("Found a subject %r with access %r") % (aci_subject, acl_access), level=8)
+
+                    access_lookup_dict = {
+                            'read': 'lrs',
+                            'post': 'p',
+                            'append': 'wip',
+                            'write': 'lrswite',
+                            'all': 'lrsedntxakcpiw'
+                        }
+
+                    if access_lookup_dict.has_key(acl_access):
+                        acl_access = access_lookup_dict[acl_access]
+
+                    log.debug(_("Found a subject %r with access %r") % (aci_subject, acl_access), level=8)
+
+                    entry['kolabmailfolderaclentry'].append("(%r, %r, %r)" % (folder_path, aci_subject, acl_access))
+
+        if not entry.has_key('kolabmailfolderaclentry'):
+            entry['kolabmailfolderaclentry'] = self.get_entry_attribute(
+                    entry['id'],
+                    'kolabmailfolderaclentry'
+                )
+
+        if not self.imap.shared_folder_exists(folder_path):
+            self.imap.shared_folder_create(folder_path, server)
+
+        if entry.has_key('kolabfoldertype') and \
+                not entry['kolabfoldertype'] == None:
+
+            self.imap.shared_folder_set_type(
+                    folder_path,
+                    entry['kolabfoldertype']
+                )
+
+        if entry.has_key(delivery_address_attribute) and \
+                not entry[delivery_address_attribute] == None:
+            self.imap.set_acl(folder_path, 'anyone', 'p')
+
+        if entry.has_key('kolabmailfolderaclentry') and \
+                not entry['kolabmailfolderaclentry'] == None:
+
+            self.imap._set_kolab_mailfolder_acls(
+                    entry['kolabmailfolderaclentry'],
+                    folder=folder_path
+                )
+
+        #if server == None:
+            #self.entry_set_attribute(mailserver_attribute, server)
 
     def _change_modify_user(self, entry, change):
         """





More information about the commits mailing list