--- a/acl.pm Tue Dec 13 09:22:25 2011 +0100
+++ b/acl.pm Tue Dec 13 13:01:23 2011 +0100
@@ -27,6 +27,7 @@
sub list_by_user($@);
sub list_by_folder($);
+sub list_groups(@);
sub uniq(@);
sub verbose(@);
sub prompt($$);
@@ -42,6 +43,7 @@
sub AT_GROUP();
sub AT_FORWARDINGADDRESS();
sub AT_QUOTA();
+sub AT_ACLGROUPS();
sub import(@) {
$Cf = shift;
@@ -54,6 +56,7 @@
import constant AT_ADDRESS => $Cf->ldap_at_address;
import constant AT_GROUP => $Cf->ldap_at_group;
import constant AT_FORWARDINGADDRESS => $Cf->ldap_at_forwardingaddress;
+ import constant AT_ACLGROUPS => $Cf->ldap_at_aclgroups;
$ubase = OU_ACCOUNTS . "," . $Cf->ldap_base;
$abase = OU_ALIASES . "," . $Cf->ldap_base;
@@ -91,10 +94,11 @@
push @{$nspat}, [qr/\Q$n\E($_->[1]|$)/, $_->[1]];
}
- if ( $Cf->list ) { _list() }
+ if ( $Cf->add ) { _modify() }
+ elsif ( $Cf->delete ) { $Cf->acl('delete') ; _modify() }
+ elsif ( $Cf->list ) { _list() }
elsif ( $Cf->modify ) { _modify() }
- elsif ( $Cf->delete ) { $Cf->acl('delete') ; _modify() }
- else { die "Need action (--delete|--modify|--list)\n" }
+ else { die "Need action (--add|--delete|--list|--modify)\n" }
}
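Review bot: The reordered chain puts `--add` and `--delete` ahead of `--list`, so an invocation carrying two action flags (for example `--list --delete`) now silently performs the destructive one, where the old order would have listed. Nothing in the hunk rejects conflicting actions. Before the chain, consider `die "Only one of --add|--delete|--list|--modify allowed\n" if 1 < grep { $_ } $Cf->add, $Cf->delete, $Cf->list, $Cf->modify;`. The enclosing sub starts outside the hunk, so an earlier check may already exist there.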
@@ -174,7 +178,12 @@
die "option acl_admin required\n" unless $Cf->acl_admin;
- if (@ARGV) {
+ if ($Cf->aclgroups) {
+
+ warn "--folder option ignored when listing groups" unless $Cf->folder ~~ [];
+ list_groups(@ARGV);
+
+ } elsif (@ARGV) {
# my $uid = $ARGV[0];
# # searching by more than use user may be too expensive
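Review bot: The new `warn ... unless $Cf->folder ~~ [];` depends on smartmatch, which is experimental and deprecated in later Perl releases, so the check is fragile and the intent ("folder list is non-empty") is hard to read. Assuming `$Cf->folder` returns an array reference (the comparison with `[]` suggests it, but the accessor is not visible here), a plain test is clearer: `warn "--folder option ignored when listing groups\n" if @{ $Cf->folder || [] };`. The trailing `\n` also keeps Perl from appending the script file and line to a user-facing message. The enclosing sub begins before this hunk.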
@@ -196,6 +205,41 @@
}
+sub list_groups(@) {
+
+ @_ = ('*') unless @_;
+ my @ag = split ',', $Cf->imap_aclgroups;
+ my $ag_att = AT_ACLGROUPS;
+ my $filter = "(&($ag_att=*)"
+ . "(|" . join( "", map { "(uid=$_)" } @_ ) . "))";
+ my $r = $ldap->search(
+ attrs => ['uid', AT_ACLGROUPS],
+ filter => $filter,
+ base => $ubase,
+ );
+ die $r->error if $r->code;
+
+ unless ($r->count) {
+ print ("No aclgroups found in ldap\n");
+ exit 0;
+ }
+
+ my $users;
+ while (my $e = ($r->shift_entry)) {
+ my $uid = $e->get_value('uid');
+ my @ag_cur = split ',', $e->get_value($ag_att);
+ for (@ag) {
+ $users->{$_} = defined $users->{$_}
+ ? [@{$users->{$_}}, $uid]
+ : [ $uid ]
+ if $_ ~~ @ag_cur
+ }
+ }
+
+ print "$_:\n\t", join("\n\t", @{$users->{$_}}), "\n\n" for keys %{$users};
+
+}
+
sub list_by_user($@) {
my $imap = shift;
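Review bot: In `list_groups`, the command-line uids are interpolated into the LDAP search filter unescaped by `map { "(uid=$_)" } @_`, so an argument containing `(`, `)`, `*` or `\` changes the filter's structure instead of being matched as a uid. If `$ldap` is a Net::LDAP handle (the `shift_entry`/`get_value` calls suggest so), import `escape_filter_value` from Net::LDAP::Util and keep the no-argument default as a literal wildcard: `my $uids = @_ ? join("", map { "(uid=" . escape_filter_value($_) . ")" } @_) : "(uid=*)";`. If wildcard uids on the command line are meant to be supported, document that and still reject parentheses and backslashes. Separately, `$e->get_value($ag_att)` is called in scalar context, which on Net::LDAP entries returns only the first value, so a multi-valued aclgroups attribute would be partly ignored. Worth confirming the attribute is single-valued.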