chibenwa commented on PR #2405: URL: https://github.com/apache/james-project/pull/2405#issuecomment-2346698421
(While I have been asking for it privately, ) I feel saddened that we skip right resolution logic alltogether. Saying that we do not handled setting 'p' rights for external individuals is one things. But over-simplifying the right resolution logic seems like a mistake. For instance as off today we would not take into account negative ACLs (every body can port to my mailbox vietnam except Forent). And there would be nothingmore harmfull than thinking you denied Florent that right while actually you did not. It turns out we can pretty simply, given the MailboxACL resolve the rights independently from the RightManager (which messes around with MailboxSession....) We could use `MailboxACLResolver`: ``` mailboxACLResolver.resolveRights(sender, acl, recipient).contains(Right.P) ``` Or something like this.... And of course add tests for ACL restrictions... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
