All users were logged out of Bugzilla on October 13th, 2018

ACL implementation for IMAP accounts

VERIFIED FIXED in mozilla0.9.9

Status

P2
normal
VERIFIED FIXED
19 years ago
10 years ago

People

(Reporter: huang, Assigned: Bienvenu)

Tracking

Trunk
mozilla0.9.9
x86
All

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(3 attachments)

(Reporter)

Description

19 years ago
From bug 24740, basic namespace is functioning, the rest is ACL stuff.
This bug is tracking for making ACL extension for IMAP in the feature.
(Reporter)

Comment 1

19 years ago
Per Jeff -- M20.
Assignee: mscott → jefft
QA Contact: lchiang → huang
Target Milestone: --- → M20
(Reporter)

Updated

19 years ago
Summary: ACL implmentation for IMAP accounts → ACL implementation for IMAP accounts

Updated

19 years ago
Status: NEW → ASSIGNED

Comment 2

18 years ago
reassigning jefft's bugs to naving
Assignee: jefft → naving
Status: ASSIGNED → NEW
(Assignee)

Comment 3

18 years ago
nominating for 6.5 - I can do this, or help Navin
Keywords: mail3

Comment 4

18 years ago
marking nsbeta1-. cc'ing jpm since he might want to consider this.
Keywords: nsbeta1-

Updated

17 years ago
Target Milestone: --- → Future

Comment 5

17 years ago
reassigning to bienvenu.  From the engineering plan:

generate request for folder ACL info once per session
Parse returned ACL info
Store ACL info with folder

If you want these to be separate bugs, let me know and I'll file them.
Assignee: naving → bienvenu

Updated

17 years ago
Blocks: 112096

Updated

17 years ago
Priority: P3 → P2
Target Milestone: Future → mozilla0.9.9
(Assignee)

Comment 6

17 years ago
fix checked in as part of sharing tab of imap folder properties.
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → FIXED

Comment 7

17 years ago
Is this fix in the nightlies?
I'm currently using 2002020409 and I can see the sharing tab but there are a
couple of problems:

1) there's no option there to change ACLs
2) granted "lrs" access to a folder to another user. I had to restart mozilla to
see the changes in the sharing tab, but the display is wrong: it says that *I*
have "lrs" access. Doesn't tell nothing about the other user.
(Assignee)

Comment 8

17 years ago
we don't allow you to edit your acls - the server has to support a web-based
interface for that, currently.

We show you your rights, as reported to us by the server.

Comment 9

17 years ago
> we don't allow you to edit your acls - the server has to support a web-based
> interface for that, currently.

Ok, that's bug 123093

> We show you your rights, as reported to us by the server.

It seems it isn't so:

[luca@saturn luca]$ telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
* OK saturn.wetron.local Cyrus IMAP4 v1.6.24 server ready
1 login luca **********
1 OK User logged in
2 GETACL INBOX.listas.afbackup
* ACL INBOX.listas.afbackup luca lrswipcda pippo lrs
2 OK Completed
3 logout
* BYE LOGOUT received
3 OK Completed
Connection closed by foreign host.


The sharing tab for INBOX.listas.afbackup says:
------------------------------------
You have the following permissions:
Read, Lookup, Set Read/Unread State
------------------------------------

but these are the rights for user "pippo" (pippo lrs) not for me (luca lrswipcda).

Comment 10

17 years ago
Just in case mozilla isn't using GETACL:

[luca@saturn doc]$ telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
* OK saturn.wetron.local Cyrus IMAP4 v1.6.24 server ready
1 login luca ***********
1 OK User logged in
3 MYRIGHTS INBOX.listas.afbackup
* MYRIGHTS INBOX.listas.afbackup lrswipcda
3 OK Completed
4 LISTRIGHTS INBOX.listas.afbackup luca
* LISTRIGHTS INBOX.listas.afbackup luca lca r s w i p d 0 1 2 3 4 5 6 7 8 9
4 OK Completed
5 logout
* BYE LOGOUT received
5 OK Completed
Connection closed by foreign host.
(Assignee)

Comment 11

17 years ago
hey, you can generate a protocol log and see exactly what mozilla is requesting and 
receiving, to take the guesswork out of this. Instructions here:

http://www.mozilla.org/quality/mailnews/mail-troubleshoot.html#imap

We use myrights, iirc.

Comment 12

17 years ago
Nope, from the protocol log I see that you're using GETACL:

-1709295[24b2390]: mail:A:SendData: 2 select "INBOX.listas.afbackup"
-1709295[24b2390]: mail:A:CreateNewLineFromSocket: * FLAGS (\Answered \Flagged
\Draft \Deleted \Seen) -1709295[24b2390]: mail:A:CreateNewLineFromSocket: * OK
[PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen \*)] 
-1709295[24b2390]: mail:A:CreateNewLineFromSocket: * 3 EXISTS -1709295[24b2390]:
mail:A:CreateNewLineFromSocket: * 0 RECENT -1709295[24b2390]:
mail:A:CreateNewLineFromSocket: * OK [UIDVALIDITY 981715795]  -1709295[24b2390]:
mail:A:CreateNewLineFromSocket: * OK [UIDNEXT 177]  -1709295[24b2390]:
mail:A:CreateNewLineFromSocket: 2 OK [READ-WRITE] Completed -1709295[24b2390]:
mail:S-INBOX.listas.afbackup:SendData: 3 getacl "INBOX.listas.afbackup"
-1709295[24b2390]: mail:S-INBOX.listas.afbackup:CreateNewLineFromSocket: * ACL
INBOX.listas.afbackup luca lrswipcda pippo lrs -1709295[24b2390]:
mail:S-INBOX.listas.afbackup:CreateNewLineFromSocket: 3 OK Completed 

You probably take the last acl listed instead of the acl for the logged in user.
(Reporter)

Comment 13

17 years ago
Created attachment 77145 [details]
IMAP log of huang3 with shared with other "ying" w/read
(Reporter)

Comment 14

17 years ago
Created attachment 77147 [details]
IMAP log of huang3 shared with other "ying" w/read&write
(Reporter)

Comment 15

17 years ago
Created attachment 77153 [details]
IMAP log of the inbox shared with ying w/read
(Reporter)

Comment 16

17 years ago
Ccing luca.
From above my verification, it seems this is working fine for my account.
luca, can you confirm your problem by using the latest build again?

Comment 17

17 years ago
I verified with 0.9.9 (what I'm currently using) and it shows me the correct
permissions, just mine, though:
--------------
Folder type: personal folder
This is a personal mail folder. It has been shared.

You have the following permissions:
Full Control
---------------
It would be nice if it showed the permissions I granted to the other user.
Still no button to change permissions and bug 123093 has been marked as fixed.
Should I download a later build?
(Assignee)

Comment 18

17 years ago
You'll only see the permissions button if your imap server supports the
X-SERVERINFO extension, and supports setting the permissions on your folders
from a web admin page. We don't have code in our client to set ACL.
(Reporter)

Comment 19

17 years ago
Yes. Bug 123093 has been verified on the latest Server NMS 6.1 build which I 
request Server group for setting testing account for me. 
You won't see the fix even you download the latest client build since that is 
fix from the Server side.
Based on above luca & my verification.
I am marking as verified for this bug now.
Status: RESOLVED → VERIFIED

Comment 20

17 years ago
>You'll only see the permissions button if your imap server supports the
>X-SERVERINFO extension, and supports setting the permissions on your folders
>from a web admin page. We don't have code in our client to set ACL.

I searched bugzilla for "acl" "access control list" and "shared folders" and
found no other bug for this (setting acl through the imap protocol).
Should I file one?
(Assignee)

Comment 21

17 years ago
Sure, file one - it'll be an RFE, and not likely to be done anytime soon, at
least by Netscape folks...it's the kind of thing that's better done on the
server since the server, for example, knows who the possible users to share with
are, whereas the client has no clue.
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.