Closed Bug 38967 Opened 22 years ago Closed 20 years ago

ACL implementation for IMAP accounts

Categories

(MailNews Core :: Networking: IMAP, defect, P2)

x86
All
defect

Tracking

(Not tracked)

VERIFIED FIXED
mozilla0.9.9

People

(Reporter: huang, Assigned: Bienvenu)

References

Details

Attachments

(3 files)

From bug 24740, basic namespace is functioning, the rest is ACL stuff.
This bug is tracking for making ACL extension for IMAP in the feature.
Per Jeff -- M20.
Assignee: mscott → jefft
QA Contact: lchiang → huang
Target Milestone: --- → M20
Summary: ACL implmentation for IMAP accounts → ACL implementation for IMAP accounts
Status: NEW → ASSIGNED
reassigning jefft's bugs to naving
Assignee: jefft → naving
Status: ASSIGNED → NEW
nominating for 6.5 - I can do this, or help Navin
Keywords: mail3
marking nsbeta1-. cc'ing jpm since he might want to consider this.
Keywords: nsbeta1-
Target Milestone: --- → Future
reassigning to bienvenu.  From the engineering plan:

generate request for folder ACL info once per session
Parse returned ACL info
Store ACL info with folder

If you want these to be separate bugs, let me know and I'll file them.
Assignee: naving → bienvenu
Blocks: 112096
Priority: P3 → P2
Target Milestone: Future → mozilla0.9.9
fix checked in as part of sharing tab of imap folder properties.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Is this fix in the nightlies?
I'm currently using 2002020409 and I can see the sharing tab but there are a
couple of problems:

1) there's no option there to change ACLs
2) granted "lrs" access to a folder to another user. I had to restart mozilla to
see the changes in the sharing tab, but the display is wrong: it says that *I*
have "lrs" access. Doesn't tell nothing about the other user.
we don't allow you to edit your acls - the server has to support a web-based
interface for that, currently.

We show you your rights, as reported to us by the server.
> we don't allow you to edit your acls - the server has to support a web-based
> interface for that, currently.

Ok, that's bug 123093

> We show you your rights, as reported to us by the server.

It seems it isn't so:

[luca@saturn luca]$ telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
* OK saturn.wetron.local Cyrus IMAP4 v1.6.24 server ready
1 login luca **********
1 OK User logged in
2 GETACL INBOX.listas.afbackup
* ACL INBOX.listas.afbackup luca lrswipcda pippo lrs
2 OK Completed
3 logout
* BYE LOGOUT received
3 OK Completed
Connection closed by foreign host.


The sharing tab for INBOX.listas.afbackup says:
------------------------------------
You have the following permissions:
Read, Lookup, Set Read/Unread State
------------------------------------

but these are the rights for user "pippo" (pippo lrs) not for me (luca lrswipcda).

Just in case mozilla isn't using GETACL:

[luca@saturn doc]$ telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
* OK saturn.wetron.local Cyrus IMAP4 v1.6.24 server ready
1 login luca ***********
1 OK User logged in
3 MYRIGHTS INBOX.listas.afbackup
* MYRIGHTS INBOX.listas.afbackup lrswipcda
3 OK Completed
4 LISTRIGHTS INBOX.listas.afbackup luca
* LISTRIGHTS INBOX.listas.afbackup luca lca r s w i p d 0 1 2 3 4 5 6 7 8 9
4 OK Completed
5 logout
* BYE LOGOUT received
5 OK Completed
Connection closed by foreign host.
hey, you can generate a protocol log and see exactly what mozilla is requesting and 
receiving, to take the guesswork out of this. Instructions here:

http://www.mozilla.org/quality/mailnews/mail-troubleshoot.html#imap

We use myrights, iirc.
Nope, from the protocol log I see that you're using GETACL:

-1709295[24b2390]: mail:A:SendData: 2 select "INBOX.listas.afbackup"
-1709295[24b2390]: mail:A:CreateNewLineFromSocket: * FLAGS (\Answered \Flagged
\Draft \Deleted \Seen) -1709295[24b2390]: mail:A:CreateNewLineFromSocket: * OK
[PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen \*)] 
-1709295[24b2390]: mail:A:CreateNewLineFromSocket: * 3 EXISTS -1709295[24b2390]:
mail:A:CreateNewLineFromSocket: * 0 RECENT -1709295[24b2390]:
mail:A:CreateNewLineFromSocket: * OK [UIDVALIDITY 981715795]  -1709295[24b2390]:
mail:A:CreateNewLineFromSocket: * OK [UIDNEXT 177]  -1709295[24b2390]:
mail:A:CreateNewLineFromSocket: 2 OK [READ-WRITE] Completed -1709295[24b2390]:
mail:S-INBOX.listas.afbackup:SendData: 3 getacl "INBOX.listas.afbackup"
-1709295[24b2390]: mail:S-INBOX.listas.afbackup:CreateNewLineFromSocket: * ACL
INBOX.listas.afbackup luca lrswipcda pippo lrs -1709295[24b2390]:
mail:S-INBOX.listas.afbackup:CreateNewLineFromSocket: 3 OK Completed 

You probably take the last acl listed instead of the acl for the logged in user.
Ccing luca.
From above my verification, it seems this is working fine for my account.
luca, can you confirm your problem by using the latest build again?
I verified with 0.9.9 (what I'm currently using) and it shows me the correct
permissions, just mine, though:
--------------
Folder type: personal folder
This is a personal mail folder. It has been shared.

You have the following permissions:
Full Control
---------------
It would be nice if it showed the permissions I granted to the other user.
Still no button to change permissions and bug 123093 has been marked as fixed.
Should I download a later build?
You'll only see the permissions button if your imap server supports the
X-SERVERINFO extension, and supports setting the permissions on your folders
from a web admin page. We don't have code in our client to set ACL.
Yes. Bug 123093 has been verified on the latest Server NMS 6.1 build which I 
request Server group for setting testing account for me. 
You won't see the fix even you download the latest client build since that is 
fix from the Server side.
Based on above luca & my verification.
I am marking as verified for this bug now.
Status: RESOLVED → VERIFIED
>You'll only see the permissions button if your imap server supports the
>X-SERVERINFO extension, and supports setting the permissions on your folders
>from a web admin page. We don't have code in our client to set ACL.

I searched bugzilla for "acl" "access control list" and "shared folders" and
found no other bug for this (setting acl through the imap protocol).
Should I file one?
Sure, file one - it'll be an RFE, and not likely to be done anytime soon, at
least by Netscape folks...it's the kind of thing that's better done on the
server since the server, for example, knows who the possible users to share with
are, whereas the client has no clue.
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.