From d8c8e4ab1bc9168f0ed5ecb4074dcd42176ad7ea Mon Sep 17 00:00:00 2001 From: FreddleSpl0it Date: Thu, 31 Oct 2024 11:00:03 +0100 Subject: [PATCH] [DockerApi] Fix IMAP ACL migration issue when renaming mailbox --- .../dockerapi/modules/DockerApi.py | 46 ++++++++++++------- data/web/inc/functions.mailbox.inc.php | 6 ++- 2 files changed, 34 insertions(+), 18 deletions(-) diff --git a/data/Dockerfiles/dockerapi/modules/DockerApi.py b/data/Dockerfiles/dockerapi/modules/DockerApi.py index 64bcc4d95..4701cbf51 100644 --- a/data/Dockerfiles/dockerapi/modules/DockerApi.py +++ b/data/Dockerfiles/dockerapi/modules/DockerApi.py @@ -429,24 +429,38 @@ class DockerApi: formatted_acls = [] mailbox_seen = [] for shared_folder in shared_folders: - if "Shared" not in shared_folder and "/" not in shared_folder: - continue - shared_folder = shared_folder.split("/") - if len(shared_folder) < 3: - continue + if "Shared" not in shared_folder: + mailbox = shared_folder.replace("'", "'\\''") + if mailbox in mailbox_seen: + continue - user = shared_folder[1].replace("'", "'\\''") - mailbox = '/'.join(shared_folder[2:]).replace("'", "'\\''") - if mailbox in mailbox_seen: - continue + acls = container.exec_run(["/bin/bash", "-c", f"doveadm acl get -u '{id}' '{mailbox}'"]) + acls = acls.output.decode('utf-8').strip().splitlines() + if len(acls) >= 2: + for acl in acls[1:]: + user_id, rights = acl.split(maxsplit=1) + user_id = user_id.split('=')[1] + mailbox_seen.append(mailbox) + formatted_acls.append({ 'user': id, 'id': user_id, 'mailbox': mailbox, 'rights': rights.split() }) + elif "Shared" in shared_folder and "/" in shared_folder: + shared_folder = shared_folder.split("/") + if len(shared_folder) < 3: + continue - acls = container.exec_run(["/bin/bash", "-c", f"doveadm acl get -u '{user}' '{mailbox}'"]) - acls = acls.output.decode('utf-8').strip().splitlines() - if len(acls) >= 2: - for acl in acls[1:]: - _, rights = acls[1].split(maxsplit=1) - mailbox_seen.append(mailbox) - formatted_acls.append({ 'user': user, 'id': id, 'mailbox': mailbox, 'rights': rights.split() }) + user = shared_folder[1].replace("'", "'\\''") + mailbox = '/'.join(shared_folder[2:]).replace("'", "'\\''") + if mailbox in mailbox_seen: + continue + + acls = container.exec_run(["/bin/bash", "-c", f"doveadm acl get -u '{user}' '{mailbox}'"]) + acls = acls.output.decode('utf-8').strip().splitlines() + if len(acls) >= 2: + for acl in acls[1:]: + user_id, rights = acl.split(maxsplit=1) + user_id = user_id.split('=')[1].replace("'", "'\\''") + if user_id == id and mailbox not in mailbox_seen: + mailbox_seen.append(mailbox) + formatted_acls.append({ 'user': user, 'id': id, 'mailbox': mailbox, 'rights': rights.split() }) return Response(content=json.dumps(formatted_acls, indent=4), media_type="application/json") # api call: container_post - post_action: exec - cmd: doveadm - task: delete_acl diff --git a/data/web/inc/functions.mailbox.inc.php b/data/web/inc/functions.mailbox.inc.php index 9dec594b5..9de665675 100644 --- a/data/web/inc/functions.mailbox.inc.php +++ b/data/web/inc/functions.mailbox.inc.php @@ -3364,12 +3364,14 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) { // set imap acls foreach ($imap_acls as $imap_acl) { + $user_id = ($imap_acl['id'] == $old_username) ? $new_username : $imap_acl['id']; + $user = ($imap_acl['user'] == $old_username) ? $new_username : $imap_acl['user']; $exec_fields = array( 'cmd' => 'doveadm', 'task' => 'set_acl', - 'user' => $imap_acl['user'], + 'user' => $user, 'mailbox' => $imap_acl['mailbox'], - 'id' => $new_username, + 'id' => $user_id, 'rights' => $imap_acl['rights'] ); docker('post', 'dovecot-mailcow', 'exec', $exec_fields);