All of this is now implemented. I think shared mailboxes/ACLs are now fully working. The only thing left is to avoid calling acl_lookup_dict_rebuild() after each ACL change, but rather just update the dict directly with the changes.
Hmm. Wonder how quota behaves with shared mailboxes.. That's probably broken. On Sat, 2008-11-01 at 23:43 +0200, Timo Sirainen wrote: > On Fri, 2008-10-31 at 17:51 +0200, Timo Sirainen wrote: > > LIST % -> List "foo" as non-existing > > LIST foo -> List "foo" as non-existing > > LIST * -> List "foo/bar" only > > There are also some truly horrible cases. For example: > > 1 list "" foo* > * LIST (\HasNoChildren) "." "foo.foo.foo" > * LIST (\HasNoChildren) "." "foo.bar.baz" > 1 ok > > 2 list "" f*o.% > * LIST (\HasNoChildren) "." "foo.foo.foo" > * LIST (\Noselect \HasChildren) "." "foo.bar" > 2 OK List completed. > > 3 list "" f*r > * LIST (\Noselect \HasChildren) "." "foo.bar" > 3 OK List completed. > > As you can see, the non-existing "foo.foo" isn't returned because its > child "foo.foo.foo" also matches the pattern and is returned. But the > non-existing "foo.bar" is returned because its children don't match the > pattern. It took me forever to get all this stuff working right with > Maildir++. :) > > I think it would be possible to implement the same somewhat easily in > ACL code: > > 1. When ACL code sees that a non-existing mailbox is to be returned, > find out if there are any patterns that match the mailbox and that ends > with "*" character. If yes, don't return the mailbox (because its > children will be returned anyway). If not: > > 2. Start a new mailbox listing that lists children of the non-existing > mailbox (mailbox/*). If you find: > > a) A visible mailbox that matches the original patterns -> don't return > the original non-existing mailbox (since its child will be returned > later) > > b) No visible mailboxes -> don't return the original non-existing > mailbox > > c) Fallback to returning the non-existing mailbox > > The same logic should also be used when determining if shared namespace > prefixes should be returned (I think ACL code can do that too?) > > Also that code should work properly when mailbox names contain "*" or > "%" characters. Basically it means that when generating the mailbox/* > pattern replace all "*" chars with "%" chars in the mailbox name and > then later when going through the results skip over everything that > doesn't begin with the real mailbox name.
signature.asc
Description: This is a digitally signed message part