Re: [PR] James 3945 [james-project]

Fri, 13 Sep 2024 08:21:56 -0700 


florentos17 commented on PR #2405:
URL: https://github.com/apache/james-project/pull/2405#issuecomment-2349206387

   > (While I have been asking for it privately, ) I feel saddened that we skip 
right resolution logic alltogether.
   > 
   > Saying that we do not handled setting 'p' rights for external individuals 
is one things.
   > 
   > But over-simplifying the right resolution logic seems like a mistake.
   > 
   > For instance as off today we would not take into account negative ACLs 
(every body can port to my mailbox vietnam except Forent). And there would be 
nothingmore harmfull than thinking you denied Florent that right while actually 
you did not.
   > 
   > It turns out we can pretty simply, given the MailboxACL resolve the rights 
independently from the RightManager (which messes around with 
MailboxSession....)
   > 
   > We could use `MailboxACLResolver`:
   > 
   > ```
   > mailboxACLResolver.resolveRights(sender, acl, recipient).contains(Right.P)
   > ```
   > 
   > (It would be anyway cleaner than doing a naive ACL resolution...)
   > 
   > Or something like this....
   > 
   > And of course add tests for ACL restrictions...
   
   ---
   Using `mailboxACLResolver.resolveRights(sender, acl, recipient)` works very 
well, except in the case where the MaybeSender is not known. Fortunately, 
resolveRights can also take `null` as a sender, and works the way we want: if 
the owner gives the right to everybody, then the right is granted even with a 
`null` sender.
   This results in the following code:
   
   ```
   Username username;
   try {
       username = Username.fromMailAddress(mail.getMaybeSender().get());
   } catch (NoSuchElementException e) {
       username = null;
   }
   
   MailboxACL.Rfc4314Rights rights = mailboxACLResolver.resolveRights(
       username,
       aclCommand,
       recipient.toString());
   ``` 
      
   This works, but I know we don't like either variable re-allocations nor 
`null`. What do you suggest ? I could adapt `resolveRight()` to accept 
`Optional.empty()` instead of `null`, but is it my job to do it ?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to