File indexing completed on 2024-05-12 05:17:13
0001 /* 0002 SPDX-FileCopyrightText: 2009 Andras Mantia <amantia@kde.org> 0003 0004 SPDX-License-Identifier: LGPL-2.0-or-later 0005 */ 0006 0007 #pragma once 0008 0009 #include "kimap_export.h" 0010 0011 #include "acljobbase.h" 0012 0013 namespace KIMAP 0014 { 0015 class Session; 0016 struct Response; 0017 class GetAclJobPrivate; 0018 0019 /** 0020 * Gets the ACL for a mailbox 0021 * 0022 * This job can only be run when the session is in the 0023 * authenticated (or selected) state. 0024 * 0025 * The user must have the Acl::Admin permission 0026 * on the mailbox for this job to succeed (see 0027 * MyRightsJob). 0028 * 0029 * This job requires that the server supports the ACL 0030 * capability, defined in 0031 * <a href="https://tools.ietf.org/html/rfc4314">RFC 4314</a>. 0032 * 0033 * The meaning of identifiers depends on the server implementation, 0034 * with the following restrictions: 0035 * 0036 * - "anyone" means any authenticated user, including anonymous 0037 * - an identifier starting with a minus sign ('-') indicates 0038 * "negative rights": rights that should be taken away from 0039 * matching users 0040 * 0041 * Other than the above restrictions, ACL identifiers are usually 0042 * IMAP usernames, but could potentially be group names as well. 0043 * 0044 * Note that negative rights override positive rights: if 0045 * "fred" and "-fred" are both assigned the 'w' right, the 0046 * user "fred" will not have the 'w' right. 0047 */ 0048 class KIMAP_EXPORT GetAclJob : public AclJobBase 0049 { 0050 Q_OBJECT 0051 Q_DECLARE_PRIVATE(GetAclJob) 0052 0053 friend class SessionPrivate; 0054 0055 public: 0056 explicit GetAclJob(Session *session); 0057 ~GetAclJob() override; 0058 0059 /** 0060 * The identifiers present in the ACL. 0061 * 0062 * This method will return an empty list if the job has 0063 * not yet been run. 0064 * 0065 * See the GetAclJob documentation for an explanation of 0066 * identifiers; in particular, identifiers starting with 0067 * '-' specify negative rights. 0068 */ 0069 [[nodiscard]] QList<QByteArray> identifiers() const; 0070 /** 0071 * Check whether an identifier has a given right set 0072 * 0073 * The result of this method is undefined if the job has 0074 * not yet completed. 0075 * 0076 * See the GetAclJob documentation for an explanation of 0077 * identifiers; in particular, identifiers starting with 0078 * '-' specify negative rights. 0079 * 0080 * Note that this will not tell you whether the net result 0081 * of all the ACL entries means that a given user has 0082 * a certain right. 0083 * 0084 * @param identifier the identifier to check the rights for 0085 * @param right the right to check for 0086 */ 0087 bool hasRightEnabled(const QByteArray &identifier, Acl::Right right) const; 0088 /** 0089 * Get the rights associated with an identifier. 0090 * 0091 * The result of this method is undefined if the job has 0092 * not yet completed. 0093 * 0094 * See the GetAclJob documentation for an explanation of 0095 * identifiers; in particular, identifiers starting with 0096 * '-' specify negative rights. 0097 * 0098 * Note that this will not tell you the rights that a 0099 * given user will have once all the ACL entries have 0100 * been taken into account. 0101 * 0102 * @param identifier the identifier to check the rights for 0103 */ 0104 Acl::Rights rights(const QByteArray &identifier) const; 0105 0106 /** 0107 * Gets the full access control list. 0108 * 0109 * The result of this method is undefined if the job has 0110 * not yet completed. 0111 * 0112 * See the GetAclJob documentation for an explanation of 0113 * identifiers; in particular, identifiers starting with 0114 * '-' specify negative rights. 0115 */ 0116 [[nodiscard]] QMap<QByteArray, Acl::Rights> allRights() const; 0117 0118 protected: 0119 void doStart() override; 0120 void handleResponse(const Response &response) override; 0121 }; 0122 0123 }