Also clean out ACLs that refer to non-existent subjects

1 files changed, 120 insertions, 8 deletions

diff --git a/pykolab/cli/cmd_mailbox_cleanup.py b/pykolab/cli/cmd_mailbox_cleanup.py
index ea0b5ab..b7010ee 100644
--- a/pykolab/cli/cmd_mailbox_cleanup.py
+++ b/pykolab/cli/cmd_mailbox_cleanup.py
@@ -17,12 +17,14 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
 
+import ldap
 import sys
 
 import commands
 
 import pykolab
 
+from pykolab import imap_utf7
 from pykolab.auth import Auth
 from pykolab.imap import IMAP
 from pykolab.translate import _
@@ -57,22 +59,132 @@ def execute(*args, **kw):
     imap = IMAP()
     imap.connect()
 
-    folders = []
+    domain_folders = {}
+
+    subjects = []
+    # Placeholder for subjects that would have already been deleted
+    subjects_deleted = []
 
     for domain in domains.keys():
-        folders.extend(imap.lm("user/%%@%s" % (domain)))
+        domain_folders[domain] = imap.lm("user/%%@%s" % (domain))
+
+    for domain in domain_folders.keys():
+        auth = Auth(domain=domain)
+        auth.connect(domain)
+
+        for folder in domain_folders[domain]:
+            user = folder.replace('user/','')
+
+            try:
+                recipient = auth.find_recipient(user)
+            except ldap.NO_SUCH_OBJECT, errmsg:
+                if not user in subjects_deleted and conf.dryrun:
+                    subjects_deleted.append(user)
+
+                if conf.dryrun:
+                    log.info(_("Would have deleted folder 'user/%s' (dryrun)") % (user))
+                else:
+                    log.info(_("Deleting folder 'user/%s'") % (user))
+                continue
+
+            if len(recipient) == 0 or recipient == []:
+                if not user in subjects_deleted and conf.dryrun:
+                    subjects_deleted.append(user)
+
+                if conf.dryrun:
+                    log.info(_("Would have deleted folder 'user/%s' (dryrun)") % (user))
+                else:
+                    log.info(_("Deleting folder 'user/%s'") % (user))
+                    try:
+                        imap.dm(folder)
+                    except:
+                        log.error(_("Error deleting folder 'user/%s'") % (user))
+            else:
+                log.debug(_("Valid recipient found for 'user/%s'") % (user), level=6)
 
+                if not user in subjects:
+                    subjects.append(user)
+
+    imap_domains = []
+    folders = imap.lm()
     for folder in folders:
-        user = folder.replace('user/','')
+        namespace = folder.split('/')[0]
+        mailbox = folder.split('/')[1]
+
+        if len(mailbox.split('@')) > 1:
+            domain = mailbox.split('@')[1]
+            if not domain in domains.keys() and not domain in imap_domains:
+                imap_domains.append(domain)
 
-        recipient = auth.find_recipient(user)
+    for domain in imap_domains:
+        for folder in imap.lm('user/%%@%s' % (domain)):
+
+            user = folder.replace('user/', '')
+
+            if not user in subjects_deleted and conf.dryrun:
+                subjects_deleted.append(user)
 
-        if len(recipient) == 0 or recipient == []:
             if conf.dryrun:
-                log.info(_("Would have deleting folder 'user/%s' (dryrun)") % (user))
+                log.info(_("Would have deleted folder '%s' (dryrun)") % (folder))
             else:
-                log.info(_("Deleting folder 'user/%s'") % (user))
+                log.info(_("Deleting folder '%s'") % (folder))
                 try:
                     imap.dm(folder)
                 except:
-                    log.error(_("Error deleting folder 'user/%s'") % (user))
+                    log.error(_("Error deleting folder '%s'") % (folder))
+
+        for folder in imap.lm('shared/%%@%s' % (domain)):
+            if conf.dryrun:
+                log.info(_("Would have deleted folder '%s' (dryrun)") % (folder))
+            else:
+                log.info(_("Deleting folder '%s'") % (folder))
+                try:
+                    imap.dm(folder)
+                except:
+                    log.error(_("Error deleting folder '%s'") % (folder))
+
+    for folder in [x for x in imap.lm() if not x.startswith('DELETED/')]:
+        folder = imap_utf7.decode(folder)
+        acls = imap.list_acls(folder)
+
+        for subject in acls.keys():
+            if subject == 'anyone':
+                log.info(
+                        _("Skipping removal of ACL %s for subject %s on folder %s") % (
+                                acls[subject],
+                                subject,
+                                folder
+                            )
+                    )
+
+                continue
+
+            if not subject in subjects and not subject in subjects_deleted:
+                if conf.dryrun:
+                    log.info(
+                            _("Would have deleted ACL %s for subject %s on folder %s") % (
+                                    acls[subject],
+                                    subject,
+                                    folder
+                                )
+                        )
+                else:
+                    log.info(
+                            _("Deleting ACL %s for subject %s on folder %s") % (
+                                    acls[subject],
+                                    subject,
+                                    folder
+                                )
+                        )
+
+                    try:
+                        imap.set_acl(folder, aci_subject, '')
+                    except:
+                        log.error(
+                                _("Error removing ACL %s for subject %s from folder %s") % (
+                                        acls[subject],
+                                        subject,
+                                        folder
+                                    )
+                            )
+