svn commit: samba r6695 - in trunk/source/smbd: .

[jra at samba.org]

Author: jra
Date: 2005-05-10 04:24:59 +0000 (Tue, 10 May 2005)
New Revision: 6695

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=6695

Log:
Another attempt to fix the (unreproducible for me) bug #2346 (read-only
excel files). Ensures that any missing user ACL entry will be generated
from a union of all group permissions that contain the user.
Awaiting feedback from the reporters.
Jeremy.

Modified:
   trunk/source/smbd/posix_acls.c


Changeset:
Modified: trunk/source/smbd/posix_acls.c
===================================================================
--- trunk/source/smbd/posix_acls.c	2005-05-10 02:03:47 UTC (rev 6694)
+++ trunk/source/smbd/posix_acls.c	2005-05-10 04:24:59 UTC (rev 6695)
@@ -1097,13 +1097,28 @@
 		pace->attr = ALLOW_ACE;
 
 		if (setting_acl) {
+			/* See if the owning user is in any of the other groups in
+			   the ACE. If so, OR in the permissions from that group. */
+
+			BOOL group_matched = False;
+			canon_ace *pace_iter;
+
+			for (pace_iter = *pp_ace; pace_iter; pace_iter = pace_iter->next) {
+				if (pace_iter->type == SMB_ACL_GROUP_OBJ || pace_iter->type == SMB_ACL_GROUP) {
+					if (uid_entry_in_group(pace, pace_iter)) {
+						pace->perms |= pace_iter->perms;
+						group_matched = True;
+					}
+				}
+			}
+
 			/* If we only got an "everyone" perm, just use that. */
-			if (!got_grp && got_other)
-				pace->perms = pace_other->perms;
-			else if (got_grp && uid_entry_in_group(pace, pace_group))
-				pace->perms = pace_group->perms;
-			else
-				pace->perms = 0;
+			if (!group_matched) {
+				if (got_other)
+					pace->perms = pace_other->perms;
+				else
+					pace->perms = 0;
+			}
 
 			apply_default_perms(fsp, pace, S_IRUSR);
 		} else {