By storing these custom MAPI roles in the ACL.
The extension field 'X-SOGO-COMPONENT-CREATED-BY' is used to store the
event creator when it is done from Outlook. It is the same field SOGo
uses when an event is created from a shared folder in the webmail.
The creator and the organizer/owner of the event can be different and it can
be used from external sources by checking the organizer field. This matches
the specification from [MS-OXOCAL] Section 1.1 which defines the organizer
as the owner or creator of the event.
And returning back PidTagCreatorName.
This is done by checking the owner of the resource if the given
permission is restricted to edit/delete own items.
This requires a52bc3b to work in calendar folders as it requires to store and retrieve
the MAPI custom permissions in the ACL.
This is a security issue that allowed a user to read the number
of messages and its subjects when it does not have any permission to read.
Now the user cannot see other's folder without asking for me to the owner.
Instead of asking general container. This gives the possibility to
perform the deletion depending on the data from the message, for instance,
the user creator.
As specified by [MS-OXCPERM] Section 3.2.5.2, the ModifyPermissions ROP
is only possible to users which have this right.
After this changeset, we check the active user can modify permission
list. This is a security fix.
Instead of using the connected active user.
Although this provides no changes in the result, it could be depending
on changes from the backend so it'd better have it accurated to what
the OpenChange DB API offers.
Instead of using connected active user because the fmids are related
to the root folder (context) owner. This avoids returning back incorrect
identifiers which mostly collide with already associated URLs.
This specifies a little the scope of the variable to make it
more realistic with the actual values it may have. We do have
a static typed compiled language, why don't we use it?
Instead of keeping only the highest access roles. This reverts
2c678101 to fix handling of ACLs with multiple groups.
This is done because OpenChange library stores other roles/permissions
in the ACLs that have limited scope to the MAPI protocol and it
maintains an homogeneous returned data with other folders by returning
the actual data is stored in the DB.
By sorting the roles, we give the ability to callers to validate
permissions more efficiency (less loops) and keep the right highest
access level. As an example, check
[SOGoApppointmentFolder:roleForComponentsWithAccessClass:forUser]
for details.
Using LDAP as source, the group entry must have a valid
group objectClass such as posixGroup or group and have a
valid UIDField which does not include the domain.
With this changeset, SOGo is aware of these groups when it has
an email and you can share a component such as a calendar with
the member of the group.
In RTF is possible to specify characters with the sequence \'XX being
XX an hexadecimal number.
With this changeset we guard against incorrect hexadecimal numbers which
will be ignored.
The other change added is to ignore carriadge returns in plain text.
In _getElement which match many properties and in both
PidLidAddressBookProviderEmailList and PidLidAddressBookProviderArrayType.
As it is specified in [MS-OXOCNTC] Section 2.2.1, each property
must be stored when the user needs it. So we can assume we can avoid
returning them if we don't have it.
This fix a Sync Issue which make it impossible to sync a contact
folder where some contact object does not any email. The sync issue
message is as follows:
Error synchronizing folder
[80070057-30FFFFFF-0-560]
By setting `SoIMAP4ExceptionsEnabled` config key to YES
Enabled for OpenChange by default, it will ensure no action is taken
when IMAP connection is not valid.
This reverts 1c8b693 and it's possible thanks to removing
listRequiresDot option 6b2ec7a
Listing contacts didn't work for sources with listRequiresDot
set to YES (LDAPSource, by default, had this option that way)
This option is not needed. SQLSource was not using it
and LDAPSource will transform the filter to (UIDField=*) when
there is nothing set as filter, before this patch it was needed
to either insert '.' as filter or set listRequiresDot to NO
By restricting when FolderVisible right is set to the following rights:
* ReadAny
* EditAny
* DeleteAny
This goes beyond what specs says about when FolderVisible right is
mandatory but there is no more information stored in SOGo
(no possibility to set FolderVisible specific right)
See [MS-OXCPERM] Section 2.2.6 for more details
When Outlook sets the editor role, the FreeBusyDetailed and FreeBusySimple
right flags are set as Full Details are available.
When we store this information in SOGo, the SOGoCalendarRole_PublicModifier,
SOGoCalendarRole_PrivateModifier and SOGoCalendarRole_ConfidentialModifier
are stored as well as the free busy related roles, but as
[SOGoAppointmentFolder aclsForUser:forObjectAtPath] only returns the highest
access rights, we have to set as well the FreeBusy flags.
More details on [MS-OXCPERM] Section 2.2.6
To integrate with CI system.
sogo-tests now accepts a flag (-f) to determine the output format:
* text : Current behaviour and default value
* junit: XML output suitable for CI system such as Jenkins
Attachment creation can succeed and attachment mime file could fail
This can happen, e.g., when the filename's length is close to the maximum
allowed but your filesystem and then mime file will exceed that limit
(because it has a prefix).
