Only allow editing of your own ACLs

Only allow editing of your own ACLs Fri, 10 Apr 2026 05:02:49 +0000 https://bugs.horde.org/ticket/4480 Only allow editing of your own ACLs IMP currently shows ACLs for folders that you don't have adm IMP currently shows ACLs for folders that you don't have admin access to as if you can edit them. IMP should instead display the ACL, but grey it out so you don't think you can change it. Currently the error is "Permission denied" with Cyrus. Tue, 03 Oct 2006 05:47:18 +0000 https://bugs.horde.org/ticket/4480#t24516 There's a canEdit($folder, $user) function that is unimpleme There's a canEdit($folder, $user) function that is unimplemented in all drivers. Any problem with adding a new function? canUserEdit($folder) { // ask IMAP server for rights on $folder via "MYRIGHTS" command for current user. } Or should the canEdit function be modified to make the $user argument optional, and if not set, then do the MYRIGHTS command above? Tue, 03 Oct 2006 06:16:54 +0000 https://bugs.horde.org/ticket/4480#t24526 Comments? Comments? Tue, 03 Oct 2006 09:10:32 +0000 https://bugs.horde.org/ticket/4480#t24531 Let's try that again. Let's try that again. Tue, 03 Oct 2006 09:11:42 +0000 https://bugs.horde.org/ticket/4480#t24534 > Or should the canEdit function be modified to make the $us > Or should the canEdit function be modified to make the $user argument > optional, and if not set, then do the MYRIGHTS command above? Neither, the method should be used as is, and you patch looks like it does this. I don't exactly follow the logic without applying the patch, but do you have in mind that the driver could connect as a regular user or the cyrus user? Beside that, that authentication stuff has to go into a separate private method to avoid the code duplication. Tue, 03 Oct 2006 11:32:55 +0000 https://bugs.horde.org/ticket/4480#t24541 > Neither, the method should be used as is, and you patch lo > Neither, the method should be used as is, and you patch looks like it > does this. I don't exactly follow the logic without applying the > patch, but do you have in mind that the driver could connect as a > regular user or the cyrus user? > Beside that, that authentication stuff has to go into a separate > private method to avoid the code duplication. Currently the driver connects as a regular user. No special access is needed for the MYRIGHTS command. I'll refactor the authentication code. Tue, 03 Oct 2006 17:47:25 +0000 https://bugs.horde.org/ticket/4480#t24548 Are there cases when you'd want to call canEdit() for other Are there cases when you'd want to call canEdit() for other users besides the current one? Tue, 03 Oct 2006 17:57:13 +0000 https://bugs.horde.org/ticket/4480#t24552 > Are there cases when you'd want to call canEdit() for othe > Are there cases when you'd want to call canEdit() for other users > besides the current one? Not at the moment, but given that this is a general purpose class in horde, I would like to keep that option. Tue, 03 Oct 2006 23:37:28 +0000 https://bugs.horde.org/ticket/4480#t24563 > Not at the moment, but given that this is a general purpos > Not at the moment, but given that this is a general purpose class in > horde, I would like to keep that option. The RFC doesn't seem to provide a mechanism to get this sort of information though... Wed, 04 Oct 2006 23:05:00 +0000 https://bugs.horde.org/ticket/4480#t24601 But technically, the username passed in the parameters is on But technically, the username passed in the parameters is only an argurment for the driver instance, other drivers might not need this parameter. Wed, 04 Oct 2006 23:18:35 +0000 https://bugs.horde.org/ticket/4480#t24605 Committed. Login code still needs to be refactored. Committed. Login code still needs to be refactored. Tue, 10 Oct 2006 08:51:45 +0000 https://bugs.horde.org/ticket/4480#t24803 Which login code is in question here? Is this still an issue Which login code is in question here? Is this still an issue? Thu, 03 May 2007 16:03:39 +0000 https://bugs.horde.org/ticket/4480#t32556 See: http://cvs.horde.org/co.php?r=1.28&f=framework%2FIMA See: http://cvs.horde.org/co.php?r=1.28&f=framework%2FIMAP%2FIMAP%2FACL%2Frfc2086.php#l380 and http://cvs.horde.org/co.php?r=1.28&f=framework%2FIMAP%2FIMAP%2FACL%2Frfc2086.php#l530 Thu, 03 May 2007 16:11:09 +0000 https://bugs.horde.org/ticket/4480#t32562 Jan - Is this still an issue in git HEAD? Jan - Is this still an issue in git HEAD? Tue, 10 Aug 2010 22:02:05 +0000 https://bugs.horde.org/ticket/4480#t59571 AFAICS GETACL fails if the user doen't have admin permission AFAICS GETACL fails if the user doen't have admin permissions on the folder, and gets an error notification. Unfortunatly, the form is otherwise empty, so he can't select another folder, but has to return to the prefs overview first. Tue, 10 Aug 2010 23:23:57 +0000 https://bugs.horde.org/ticket/4480#t59583 Changes have been made in Git for this ticket: Bug #4480: a Changes have been made in Git for this ticket: Bug #4480: always show mailbox list, even on ACL list error http://git.horde.org/diff.php/imp/lib/Prefs/Ui.php?rt=horde-git&r1=b1904c7f78abed1faf32ed6acb94aefb350f7aa8&r2=4d4352c2f89d39c3dd5b010b7249745dd1f16d03 http://git.horde.org/diff.php/imp/templates/prefs/acl.html?rt=horde-git&r1=b1904c7f78abed1faf32ed6acb94aefb350f7aa8&r2=4d4352c2f89d39c3dd5b010b7249745dd1f16d03 Thu, 21 Oct 2010 06:04:49 +0000 https://bugs.horde.org/ticket/4480#t60512