diff -r 69e1077f1de3 -r 96f567261e87 acl.pm
--- a/acl.pm Tue Dec 13 09:22:25 2011 +0100
+++ b/acl.pm Tue Dec 13 13:01:23 2011 +0100
@@ -27,6 +27,7 @@
 sub list_by_user($@);
 sub list_by_folder($);
+sub list_groups(@);
 sub uniq(@);
 sub verbose(@);
 sub prompt($$);
@@ -42,6 +43,7 @@
 sub AT_GROUP();
 sub AT_FORWARDINGADDRESS();
 sub AT_QUOTA();
+sub AT_ACLGROUPS();
 sub import(@) { $Cf = shift;
@@ -54,6 +56,7 @@
 import constant AT_ADDRESS => $Cf->ldap_at_address;
 import constant AT_GROUP => $Cf->ldap_at_group;
 import constant AT_FORWARDINGADDRESS => $Cf->ldap_at_forwardingaddress;
+ import constant AT_ACLGROUPS => $Cf->ldap_at_aclgroups;
 $ubase = OU_ACCOUNTS . "," . $Cf->ldap_base;
 $abase = OU_ALIASES . "," . $Cf->ldap_base;
@@ -91,10 +94,11 @@
 push @{$nspat}, [qr/\Q$n\E($_->[1]|$)/, $_->[1]]; }
- if ( $Cf->list ) { _list() }
+ if ( $Cf->add ) { _modify() }
+ elsif ( $Cf->delete ) { $Cf->acl('delete') ; _modify() }
+ elsif ( $Cf->list ) { _list() }
 elsif ( $Cf->modify ) { _modify() }
- elsif ( $Cf->delete ) { $Cf->acl('delete') ; _modify() }
- else { die "Need action (--delete|--modify|--list)\n" }
+ else { die "Need action (--add|--delete|--list|--modify)\n" }
 }
@@ -174,7 +178,12 @@
 die "option acl_admin required\n" unless $Cf->acl_admin;
- if (@ARGV) {
+ if ($Cf->aclgroups) {
+
+ warn "--folder option ignored when listing groups" unless $Cf->folder ~~ [];
+ list_groups(@ARGV);
+
+ } elsif (@ARGV) {
 # my $uid = $ARGV[0]; # # searching by more than use user may be too expensive
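Review bot: The `unless $Cf->folder ~~ []` test in the new `--aclgroups` branch relies on smartmatch, which later Perl releases marked experimental and then deprecated, and the `warn` string has no trailing newline, so the user-facing message gets " at acl.pm line N." appended. Assuming `$Cf->folder` returns an array reference (the comparison with `[]` suggests so), a plain emptiness check says the same thing: `warn "--folder option ignored when listing groups\n" if @{ $Cf->folder || [] };`. The same branch hands `@ARGV` to `list_groups()` unchanged, and those values end up in an LDAP filter in the `@@ -196,6 +205,41 @@` hunk, so any validation of uid arguments belongs either here or there. The enclosing sub starts and ends outside this hunk.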
@@ -196,6 +205,41 @@
 }
+sub list_groups(@) {
+
+ @_ = ('*') unless @_;
+ my @ag = split ',', $Cf->imap_aclgroups;
+ my $ag_att = AT_ACLGROUPS;
+ my $filter = "(&($ag_att=*)"
+ . "(|" . join( "", map { "(uid=$_)" } @_ ) . "))";
+ my $r = $ldap->search(
+ attrs => ['uid', AT_ACLGROUPS],
+ filter => $filter,
+ base => $ubase,
+ );
+ die $r->error if $r->code;
+
+ unless ($r->count) {
+ print ("No aclgroups found in ldap\n");
+ exit 0;
+ }
+
+ my $users;
+ while (my $e = ($r->shift_entry)) {
+ my $uid = $e->get_value('uid');
+ my @ag_cur = split ',', $e->get_value($ag_att);
+ for (@ag) {
+ $users->{$_} = defined $users->{$_}
+ ? [@{$users->{$_}}, $uid]
+ : [ $uid ]
+ if $_ ~~ @ag_cur
+ }
+ }
+
+ print "$_:\n\t", join("\n\t", @{$users->{$_}}), "\n\n" for keys %{$users};
+
+}
+
 sub list_by_user($@) { my $imap = shift;
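Review bot: The uid arguments are interpolated unescaped into the LDAP filter at `map { "(uid=$_)" } @_`, and the caller in the `@@ -174,7 +178,12 @@` hunk passes `@ARGV` straight in, so a value containing `(`, `)`, `*` or `\` alters the filter's structure or widens the match instead of naming one account. Each caller-supplied value should be escaped, and the `*` wildcard kept only for the no-argument default, which also removes the assignment to `@_`. If `$ldap` is a Net::LDAP handle, as the `search`/`shift_entry`/`get_value` calls suggest, `escape_filter_value` from Net::LDAP::Util does the escaping and would need to be imported at the top of the file. If wildcard patterns on the command line are meant to be supported, that should be an explicit, documented exception rather than a side effect of missing escaping.

```perl
sub list_groups(@) {

    # … unchanged: @ag and $ag_att setup …
    # Escape caller-supplied uids; the wildcard applies only when no uid was given.
    my $uid_terms = @_
        ? join( "", map { "(uid=" . escape_filter_value($_) . ")" } @_ )
        : "(uid=*)";
    my $filter = "(&($ag_att=*)(|$uid_terms))";
    # … unchanged: search, result loop and output …
```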