[jira] [Closed] (JAMES-4191) Deleted Message Vault should handle shared mailbox visibility loss

Wed, 08 Apr 2026 17:22:22 -0700 


     [ 
https://issues.apache.org/jira/browse/JAMES-4191?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Benoit Tellier closed JAMES-4191.
---------------------------------
    Resolution: Fixed

> Deleted Message Vault should handle shared mailbox visibility loss
> ------------------------------------------------------------------
>
>                 Key: JAMES-4191
>                 URL: https://issues.apache.org/jira/browse/JAMES-4191
>             Project: James Server
>          Issue Type: Bug
>          Components: deletedMessageVault
>            Reporter: Tran Hong Quan
>            Priority: Minor
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> ## Why
> Today:
> - `MessageContentDeletionEvent` is emitted only when the message is no longer 
> referenced globally
> - the event does not carry mailbox ACL context
> This may prevent correctly Deleted Message Vault handling of mailbox-scoped 
> visibility loss scenarios for shared messages.
> One scenario we need to verify with integration tests is:
> - Alice owns mailbox A
> - Bob has delegated read access to A
> - Bob copies a message from A into a mailbox Alice cannot access
> - Alice deletes the message from A
> - Alice should have the deleted message appended to her DMV
> Likely, the test would fail as of today.
> More generally, shared-mailbox expunge can cause some users to lose access to 
> a message while others still retain access through another mailbox/reference.
> We also should consider that impacted sharees should be able to restore 
> deleted shared-mailbox messages, too, not only the owner. For example, a 
> secretary who mainly handles messages for a minister may need to restore a 
> message deleted by mistake.
> ## How
> 1. Add integration tests in `DeletedMessageVaultIntegrationTest` to verify 
> shared-mailbox visibility-loss scenarios.
> 2. Enrich `MessageContentDeletionEvent` with mailbox ACL.
> 3. Adapt James consumers of that event so they can handle users who lost 
> access after an expunge.
> The consumers expected to be revisited are:
> - `DeletedMessageVaultDeletionListener`
> - `MessageFastViewProjectionDeletionListener`



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to