Re: Bulk deletion of mailbox ACLs under Cyrus 2.4.4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Bron Gondwana wrote:

> The correct way[tm] is to iterate over all the mailboxes and do a

> "setacl" for each one you want to change, probably using an external

> script that talks IMAP.

>


While obviously needing some work, I've attached a script that -I think- does just that.


Kind regards,


Jeroen van Meeuwen


--

Senior Engineer, Kolab Systems AG


e: vanmeeuwen at kolabsys.com

t: +44 144 340 9500

m: +44 74 2516 3817

w: http://www.kolabsys.com


pgp: 9342 BF08

import sys

sys.path.append('..')

import pykolab

conf = pykolab.getConf()
conf.debuglevel = 9
conf.read_config("../conf/kolab-shc.conf")

imap = pykolab.imap

imap.connect()

# List the shared and user folders
shared_folders = imap.lm("shared/*@mydomain.com")
user_folders = imap.lm("user/*@mydomain.com")

# Placeholder for valid ACL entries
valid_acls = {
        # These are special keywords used in ACLs
        'anyone': True
    }

# Loop through the user folders found, ...
for user_folder in user_folders:

    # ... and distill the user@domain ACL qualifier.
    folder_parts = imap.parse_mailbox(user_folder)
    if folder_parts['domain']:
        valid_acl = "%s@%s" %(folder_parts['path_parts'][1],folder_parts['domain'])
    else:
        valid_acl = "%s" %(folder_parts['path_parts'])

    # 'valid_acl' now contains the fully qualified user identifier (i.e.
    # user@xxxxxxxxxx), which may be used in the ACL entries on the other
    # folders. Store the valid ACL entry.
    if not valid_acls.has_key(valid_acl):
        valid_acls[valid_acl] = True

# For all folders (shared and user), ...
folders = user_folders + shared_folders

print "Iterating over %d folders" %(len(folders))

# ... loop through them and ...
for folder in folders:
    # ... list the ACL entries
    acls = imap.lam(folder)

    # For each ACL entry, see if we think it is a current, valid entry
    for acl_entry in acls.keys():

        # If the key 'acl_entry' does not exist in the dictionary of valid
        # ACL entries, this ACL entry has got to go.
        if not valid_acls.has_key(acl_entry):
            # Set the ACL to '' (effectively deleting the ACL entry)
            imap.sam(folder, acl_entry, '')

Attachment: signature.asc
Description: This is a digitally signed message part.

----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux