forked from brong/cyrus-imapd-legacy
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathacl.h
136 lines (121 loc) · 4.92 KB
/
acl.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
/* acl.h -- definitions for access control lists
*
* Copyright (c) 1994-2008 Carnegie Mellon University. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The name "Carnegie Mellon University" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For permission or any legal
* details, please contact
* Carnegie Mellon University
* Center for Technology Transfer and Enterprise Creation
* 4615 Forbes Avenue
* Suite 302
* Pittsburgh, PA 15213
* (412) 268-7393, fax: (412) 268-7395
*
* 4. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by Computing Services
* at Carnegie Mellon University (http://www.cmu.edu/computing/)."
*
* CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
* THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
* FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
* AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
* $Id: acl.h,v 1.20 2010/01/06 17:01:43 murch Exp $
*
* Author: Chris Newman
* Start Date: 6/28/93
*/
#ifndef INCLUDED_ACL_H
#define INCLUDED_ACL_H
#include "auth.h"
/* max length of an acl string */
#define ACL_MAXSTR 32
/* ACL bits */
#define ACL_LOOKUP 0x000001L
#define ACL_READ 0x000002L
#define ACL_SETSEEN 0x000004L
#define ACL_WRITE 0x000008L
#define ACL_INSERT 0x000010L
#define ACL_POST 0x000020L
#define ACL_CREATE 0x000040L
#define ACL_DELETEMBOX 0x000080L
#define ACL_DELETEMSG 0x000100L
#define ACL_EXPUNGE 0x000200L
#define ACL_ADMIN 0x000400L
#define ACL_ANNOTATEMSG 0x000800L
#define ACL_USER1 0x001000L
#define ACL_USER2 0x002000L
#define ACL_USER3 0x004000L
#define ACL_USER4 0x008000L
#define ACL_USER5 0x010000L
#define ACL_USER6 0x020000L
#define ACL_USER7 0x040000L
#define ACL_USER8 0x080000L
#define ACL_USER9 0x100000L
#define ACL_USER0 0x200000L
/* ALL: all non-user ACLs */
#define ACL_ALL (ACL_LOOKUP|ACL_READ|ACL_SETSEEN|ACL_WRITE\
|ACL_INSERT|ACL_POST|ACL_CREATE|ACL_DELETEMBOX\
|ACL_DELETEMSG|ACL_EXPUNGE|ACL_ADMIN\
|ACL_ANNOTATEMSG)
/* FULL: ALL ACLs including user ACLs */
#define ACL_FULL (ACL_USER1|ACL_USER2|ACL_USER3|ACL_USER4|ACL_USER5\
|ACL_USER6|ACL_USER7|ACL_USER8|ACL_USER9|ACL_USER0\
|ACL_ALL)
/* READ-WRITE: removed from regular ACL if you EXAMINE a mailbox,
so that nothing accidentally tries to write */
#define ACL_READ_WRITE (ACL_SETSEEN|ACL_WRITE|ACL_INSERT\
|ACL_DELETEMSG|ACL_EXPUNGE|ACL_ANNOTATEMSG)
#define ACL_MODE_SET 0
#define ACL_MODE_ADD 1
#define ACL_MODE_REMOVE 2
typedef int cyrus_acl_canonproc_t(void *rock, const char *identifier, int rights);
/* convert a string to an acl bit vector */
extern int cyrus_acl_strtomask(const char *str);
/* cyrus_acl_masktostr(acl, dst)
* convert an acl bit vector to a string
* dst must have room for 32 characters (only 20 used currently)
* returns dst
*/
extern char *cyrus_acl_masktostr(int acl, char *str);
/* cyrus_acl_myrights(acl)
* Calculate the set of rights the user in 'auth_state' has in the ACL 'acl'.
* 'acl' must be writable, but is restored to its original condition.
*/
extern int cyrus_acl_myrights(struct auth_state *auth_state, const char *acl);
/* cyrus_acl_set(acl, identifier, mode, access, canonproc, canonrock) Modify the
* ACL pointed to by 'acl' to modify the rights granted to
* 'identifier' as specified by 'mode' and the set specified in the
* mask 'access'. 'mode' is one of ACL_MODE_SET, ACL_MODE_ADD, or
* ACL_MODE_REMOVE. The pointer pointed to by 'acl' must have been
* obtained from malloc(). returns -1 on error, 0 on success */
extern int cyrus_acl_set(char **acl, const char *identifier,
int mode, int access,
cyrus_acl_canonproc_t *canonproc, void *canonrock);
/* cyrus_acl_remove(acl, identifier, canonproc, canonrock)
* Remove any entry for 'identifier' in the ACL pointed to by 'acl'.
* The pointer pointed to by 'acl' must have been obtained from malloc().
* returns -1 on error, 0 on success
*/
extern int cyrus_acl_remove(char **acl, const char *identifier,
cyrus_acl_canonproc_t *canonproc, void *canonrock);
#endif /* INCLUDED_ACL_H */