Tue, 07 Oct 2008 12:28:03 -0400 http://bugs.horde.org/ticket/4480 Only allow editing of your own ACLs IMP currently shows ACLs for folders that you don't have admin access to as if you can edit them. IMP should instead display the ACL, but grey it out so you don't think you can change it. Currently the error is "Permission denied" with Cyrus. Tue, 03 Oct 2006 01:47:18 -0400 http://bugs.horde.org/ticket/4480#t24516 There's a canEdit($folder, $user) function that is unimplemented in all drivers. Any problem with adding a new function? canUserEdit($folder) { // ask IMAP server for rights on $folder via "MYRIGHTS" command for current user. } Or should the canEdit function be modified to make the $user argument optional, and if not set, then do the MYRIGHTS command above? Tue, 03 Oct 2006 02:16:54 -0400 http://bugs.horde.org/ticket/4480#t24526 Comments? Tue, 03 Oct 2006 05:10:32 -0400 http://bugs.horde.org/ticket/4480#t24531 Let's try that again. Tue, 03 Oct 2006 05:11:42 -0400 http://bugs.horde.org/ticket/4480#t24534 > Or should the canEdit function be modified to make the $user argument > optional, and if not set, then do the MYRIGHTS command above? Neither, the method should be used as is, and you patch looks like it does this. I don't exactly follow the logic without applying the patch, but do you have in mind that the driver could connect as a regular user or the cyrus user? Beside that, that authentication stuff has to go into a separate private method to avoid the code duplication. Tue, 03 Oct 2006 07:32:55 -0400 http://bugs.horde.org/ticket/4480#t24541 > Neither, the method should be used as is, and you patch looks like it > does this. I don't exactly follow the logic without applying the > patch, but do you have in mind that the driver could connect as a > regular user or the cyrus user? > Beside that, that authentication stuff has to go into a separate > private method to avoid the code duplication. Currently the driver connects as a regular user. No special access is needed for the MYRIGHTS command. I'll refactor the authentication code. Tue, 03 Oct 2006 13:47:25 -0400 http://bugs.horde.org/ticket/4480#t24548 Are there cases when you'd want to call canEdit() for other users besides the current one? Tue, 03 Oct 2006 13:57:13 -0400 http://bugs.horde.org/ticket/4480#t24552 > Are there cases when you'd want to call canEdit() for other users > besides the current one? Not at the moment, but given that this is a general purpose class in horde, I would like to keep that option. Tue, 03 Oct 2006 19:37:28 -0400 http://bugs.horde.org/ticket/4480#t24563 > Not at the moment, but given that this is a general purpose class in > horde, I would like to keep that option. The RFC doesn't seem to provide a mechanism to get this sort of information though... Wed, 04 Oct 2006 19:05:00 -0400 http://bugs.horde.org/ticket/4480#t24601 But technically, the username passed in the parameters is only an argurment for the driver instance, other drivers might not need this parameter. Wed, 04 Oct 2006 19:18:35 -0400 http://bugs.horde.org/ticket/4480#t24605 Committed. Login code still needs to be refactored. Tue, 10 Oct 2006 04:51:45 -0400 http://bugs.horde.org/ticket/4480#t24803 Which login code is in question here? Is this still an issue? Thu, 03 May 2007 12:03:39 -0400 http://bugs.horde.org/ticket/4480#t32556 See: http://cvs.horde.org/co.php?r=1.28&f=framework%2FIMAP%2FIMAP%2FACL%2Frfc2086.php#l380 and http://cvs.horde.org/co.php?r=1.28&f=framework%2FIMAP%2FIMAP%2FACL%2Frfc2086.php#l530 Thu, 03 May 2007 12:11:09 -0400 http://bugs.horde.org/ticket/4480#t32562