[#4488] Deal with "negative rights" in IMAP ACLs
Summary Deal with "negative rights" in IMAP ACLs
Queue IMP
Queue Version HEAD
Type Enhancement
State Accepted
Priority 1. Low
Owners
Requester Matt Selsky <selsky (at) columbia (dot) edu>
Created 10/04/2006 (1004 days ago)
Due
Updated 04/16/2007 (810 days ago)
Assigned
Resolved
Attachments
Milestone
Patch No

History
04/16/2007 Chuck Hagenbuch Comment #5
State ⇒ Accepted		 Reply to this comment
Works for me.
04/13/2007 Jan Schneider Comment #4 Reply to this comment
How about strike-through'ing the user names and some help icon next to it?
04/13/2007 Chuck Hagenbuch Comment #3 Reply to this comment
Matt or other ACL folks, any thoughts here?
02/04/2007 Chuck Hagenbuch Comment #2
State ⇒ Feedback		 Reply to this comment
Any suggestions on how to display negative ACLs?
10/04/2006 Matt Selsky Comment #1
Summary ⇒ Deal with "negative rights" in IMAP ACLs
Type ⇒ Enhancement
Priority ⇒ 1. Low
State ⇒ Accepted
Queue ⇒ IMP		 Reply to this comment
If an identifier is prefixed with a "-", then it is a negative ACL.   
From RFC 2086:

"When an identifier in an ACL starts with a dash ("-"), that indicates 
that associated rights are to be removed from the identifier that is 
prefixed by the dash.  For example, if the identifier "-fred" is 
granted the "w" right, that indicates that the "w" right is to be 
removed from users matching the identifier "fred".  Implementations 
need not support having identifiers which start with a dash in ACLs."

IMP currently displays the identifier with a leading "-", but it 
should make it clear that this is a negative ACL and remove the "-" 
for display purposes.  We will also need to add some online help so 
people know what negative ACLs are.