From b995b9acdc0baa9b95854e8713b4bb6fba0ddefb Mon Sep 17 00:00:00 2001 From: Wolfgang Sourdeau Date: Thu, 15 Jul 2010 17:02:57 +0000 Subject: [PATCH] Monotone-Parent: 01ccf525a7c4b4290cf3f8cbe10dbecae92c26ec Monotone-Revision: 4aa0c2e4faed6ef081103161e7bf29d4f76520eb Monotone-Author: wsourdeau@inverse.ca Monotone-Date: 2010-07-15T17:02:57 Monotone-Branch: ca.inverse.sogo --- ChangeLog | 9 ++++--- SoObjects/SOGo/SOGoParentFolder.m | 44 +++++++++++++++++++------------ 2 files changed, 33 insertions(+), 20 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2f419ec4a..498a00c18 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,9 +17,12 @@ (_fetchPersonalFolders:withChannel:): we no longer check access rights from here as this method is too low level and prevent other mechanisms from working properly. - (-lookupName:inContext:acquire:): we now check the "AccessObject" - right from here before returning the found object. We also make - use of the new "ignoreRights" method (see below) to that end. + (-lookupPersonalFolder:ignoringRights:): new method enabling the + lookup of a user's personal folders only and offering the choice + of respecting (or not) the active user's permission before + returning it. + (-lookupName:inContext:acquire:): we now make use of the above + method when looking up personal folders ("personal" or not). (-toManyRelationShipKeys): same as lookupName... above. * SoObjects/SOGo/SOGoObject.m (-ignoreRights): new utility method diff --git a/SoObjects/SOGo/SOGoParentFolder.m b/SoObjects/SOGo/SOGoParentFolder.m index e9ceb93aa..52982439a 100644 --- a/SoObjects/SOGo/SOGoParentFolder.m +++ b/SoObjects/SOGo/SOGoParentFolder.m @@ -392,23 +392,8 @@ static SoSecurityManager *sm = nil; obj = [super lookupName: name inContext: lookupContext acquire: NO]; if (!obj) { - // Lookup in personal folders - error = [self initSubFolders]; - if (error) - { - [self errorWithFormat: @"a database error occured: %@", [error reason]]; - obj = [NSException exceptionWithHTTPStatus: 503]; - } - else - { - obj = [subFolders objectForKey: name]; - if (obj && ![self ignoreRights] - && [sm validatePermission: SOGoPerm_AccessObject - onObject: obj - inContext: context]) - obj = nil; - } - + obj = [self lookupPersonalFolder: name + ignoringRights: NO]; if (!obj) { // Lookup in subscribed folders @@ -426,6 +411,31 @@ static SoSecurityManager *sm = nil; return obj; } +- (id) lookupPersonalFolder: (NSString *) name + ignoringRights: (BOOL) ignoreRights +{ + NSException *error; + id obj; + + error = [self initSubFolders]; + if (error) + { + [self errorWithFormat: @"a database error occured: %@", [error reason]]; + obj = [NSException exceptionWithHTTPStatus: 503]; + } + else + { + obj = [subFolders objectForKey: name]; + if (obj && !ignoreRights && ![self ignoreRights] + && [sm validatePermission: SOGoPerm_AccessObject + onObject: obj + inContext: context]) + obj = nil; + } + + return obj; +} + - (NSArray *) subFolders { NSMutableArray *ma;