diff --git a/ChangeLog b/ChangeLog index dc3385cdc..f3434f485 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,10 @@ 2012-03-09 Wolfgang Sourdeau + * OpenChange/MAPIStoreFolder.m + (-getTable:andRowCount:tableType:andHandleId:): if the current + user is not the owner of the folder, the permissions table cannot + be open and MAPISTORE_ERR_DENIED is now returned. + * SoObjects/Contacts/NGVCard+SOGo.m (_setupEmailFieldsInLDIFRecord:): the value of card elements were not properly extracted when no email field were of type "home" or diff --git a/OpenChange/MAPIStoreFolder.m b/OpenChange/MAPIStoreFolder.m index 664094048..4ce08728d 100644 --- a/OpenChange/MAPIStoreFolder.m +++ b/OpenChange/MAPIStoreFolder.m @@ -949,6 +949,7 @@ Class NSExceptionK, MAPIStoreFAIMessageK, MAPIStoreMessageTableK, MAPIStoreFAIMe { int rc = MAPISTORE_SUCCESS; MAPIStoreTable *table; + SOGoUser *ownerUser; if (tableType == MAPISTORE_MESSAGE_TABLE) table = [self messageTable]; @@ -957,21 +958,31 @@ Class NSExceptionK, MAPIStoreFAIMessageK, MAPIStoreMessageTableK, MAPIStoreFAIMe else if (tableType == MAPISTORE_FOLDER_TABLE) table = [self folderTable]; else if (tableType == MAPISTORE_PERMISSIONS_TABLE) - table = [self permissionsTable]; + { + ownerUser = [[self userContext] sogoUser]; + if ([[context activeUser] isEqual: ownerUser]) + table = [self permissionsTable]; + else + rc = MAPISTORE_ERR_DENIED; + } else { table = nil; [NSException raise: @"MAPIStoreIOException" format: @"unsupported table type: %d", tableType]; } - if (table) + + if (rc == MAPISTORE_SUCCESS) { - [table setHandleId: handleId]; - *tablePtr = table; - *countPtr = [[table childKeys] count]; + if (table) + { + [table setHandleId: handleId]; + *tablePtr = table; + *countPtr = [[table childKeys] count]; + } + else + rc = MAPISTORE_ERR_NOT_FOUND; } - else - rc = MAPISTORE_ERR_NOT_FOUND; return rc; }