This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
The following commit(s) were added to refs/heads/master by this push:
new 6c0f027ce6 JAMES-4095 Forbid deleting INBOX in IMAP (#2541)
6c0f027ce6 is described below
commit 6c0f027ce6ecd10e326a37d9b1e8853c01571d84
Author: hungphan227 <[email protected]>
AuthorDate: Thu Dec 5 05:30:31 2024 +0700
JAMES-4095 Forbid deleting INBOX in IMAP (#2541)
Co-authored-by: hung phan <[email protected]>
---
.../mpt/imapmailbox/suite/AuthenticatedState.java | 6 ++++++
.../org/apache/james/imap/scripts/DeleteInbox.test | 21 +++++++++++++++++++++
.../james/imap/api/display/HumanReadableText.java | 2 ++
.../james/imap/processor/DeleteProcessor.java | 6 ++++++
4 files changed, 35 insertions(+)
diff --git
a/mpt/impl/imap-mailbox/core/src/main/java/org/apache/james/mpt/imapmailbox/suite/AuthenticatedState.java
b/mpt/impl/imap-mailbox/core/src/main/java/org/apache/james/mpt/imapmailbox/suite/AuthenticatedState.java
index ae96496624..526a105b2e 100644
---
a/mpt/impl/imap-mailbox/core/src/main/java/org/apache/james/mpt/imapmailbox/suite/AuthenticatedState.java
+++
b/mpt/impl/imap-mailbox/core/src/main/java/org/apache/james/mpt/imapmailbox/suite/AuthenticatedState.java
@@ -475,4 +475,10 @@ public abstract class AuthenticatedState extends
BasicImapCommands {
.withLocale(Locale.KOREA)
.run("Rights");
}
+
+ @Test
+ public void testDeleteInbox() throws Exception {
+ simpleScriptedTestProtocol
+ .run("DeleteInbox");
+ }
}
diff --git
a/mpt/impl/imap-mailbox/core/src/main/resources/org/apache/james/imap/scripts/DeleteInbox.test
b/mpt/impl/imap-mailbox/core/src/main/resources/org/apache/james/imap/scripts/DeleteInbox.test
new file mode 100644
index 0000000000..6b90843683
--- /dev/null
+++
b/mpt/impl/imap-mailbox/core/src/main/resources/org/apache/james/imap/scripts/DeleteInbox.test
@@ -0,0 +1,21 @@
+################################################################
+# Licensed to the Apache Software Foundation (ASF) under one #
+# or more contributor license agreements. See the NOTICE file #
+# distributed with this work for additional information #
+# regarding copyright ownership. The ASF licenses this file #
+# to you under the Apache License, Version 2.0 (the #
+# "License"); you may not use this file except in compliance #
+# with the License. You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, #
+# software distributed under the License is distributed on an #
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY #
+# KIND, either express or implied. See the License for the #
+# specific language governing permissions and limitations #
+# under the License. #
+################################################################
+# Create a few folders
+C: 10 DELETE INBOX
+S: 10 NO DELETE failed. Deleting INBOX is forbidden.
\ No newline at end of file
diff --git
a/protocols/imap/src/main/java/org/apache/james/imap/api/display/HumanReadableText.java
b/protocols/imap/src/main/java/org/apache/james/imap/api/display/HumanReadableText.java
index 58a5762939..55bb0c5e0f 100644
---
a/protocols/imap/src/main/java/org/apache/james/imap/api/display/HumanReadableText.java
+++
b/protocols/imap/src/main/java/org/apache/james/imap/api/display/HumanReadableText.java
@@ -85,6 +85,8 @@ public class HumanReadableText {
public static final HumanReadableText FAILURE_NO_SUCH_MAILBOX = new
HumanReadableText("org.apache.james.imap.FAILURE_NO_SUCH_MAILBOX", "failed. No
such mailbox.");
+ public static final HumanReadableText FAILURE_DELETE_INBOX_NOT_ALLOWED =
new HumanReadableText("org.apache.james.imap.DELETE_INBOX_NOT_ALLOWED",
"failed. Deleting INBOX is forbidden.");
+
public static final HumanReadableText FAILURE_OVERQUOTA = new
HumanReadableText("org.apache.james.imap.OVERQUOTA", "failed. Over quota.");
public static final HumanReadableText FAILURE_NO_QUOTA_RESOURCE = new
HumanReadableText("org.apache.james.imap.FAILURE_NO_SUCH_QUOTA_RESOURCE",
"failed. No such quota resource.");
diff --git
a/protocols/imap/src/main/java/org/apache/james/imap/processor/DeleteProcessor.java
b/protocols/imap/src/main/java/org/apache/james/imap/processor/DeleteProcessor.java
index 040d8c3f2b..e9b2e530f5 100644
---
a/protocols/imap/src/main/java/org/apache/james/imap/processor/DeleteProcessor.java
+++
b/protocols/imap/src/main/java/org/apache/james/imap/processor/DeleteProcessor.java
@@ -27,6 +27,7 @@ import org.apache.james.imap.api.process.ImapSession;
import org.apache.james.imap.api.process.SelectedMailbox;
import org.apache.james.imap.main.PathConverter;
import org.apache.james.imap.message.request.DeleteRequest;
+import org.apache.james.mailbox.DefaultMailboxes;
import org.apache.james.mailbox.MailboxManager;
import org.apache.james.mailbox.exception.MailboxException;
import org.apache.james.mailbox.exception.MailboxNotFoundException;
@@ -55,6 +56,11 @@ public class DeleteProcessor extends
AbstractMailboxProcessor<DeleteRequest> {
protected Mono<Void> processRequestReactive(DeleteRequest request,
ImapSession session, Responder responder) {
MailboxManager mailboxManager = getMailboxManager();
MailboxPath mailboxPath =
pathConverterFactory.forSession(session).buildFullPath(request.getMailboxName());
+ if (DefaultMailboxes.INBOX.equalsIgnoreCase(mailboxPath.getName())) {
+ LOGGER.info("Deleting INBOX mailbox is not allowed (request from
user {})", session.getMailboxSession().getUser().asString());
+ no(request, responder,
HumanReadableText.FAILURE_DELETE_INBOX_NOT_ALLOWED);
+ return Mono.empty();
+ }
SelectedMailbox selected = session.getSelected();
return deselect(session, selected, mailboxPath)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
