Eric, see inline
Gazda On Tue, Jan 10, 2012 at 7:21 PM, Eric Charles <[email protected]> wrote: > Hi Jochen, > See comment inline. > Thx, > Eric > > > On 09/01/12 22:24, Jochen Gazda wrote: >> >> Eric, >> >>> For the client, although this may be more related to a thunderbird >>> question, >>> I think we have to understand the client functions to adapt our server to >>> them. Currently, I can see 3 types of "sharing" on the thunderbird >>> client: >> >> >> I would not say you are listing types of sharing here. You are naming >> three places in Thunderbird, where sharing and ACL related settings >> can be seen and perhaps also edited. >> > > Good to me to be able to define access control at 3 different places, Seems > like you confirm after that they all are related to Imap ACL. > > >>> 1. The sharing tab when you right-click on a folder and ask for the >>> properties (showing the message "this server does not support sharing" >>> when >>> run with james) >> >> >> My Thunderbird connected to Cyrus IMAP says two things in that tab: >> >> (i) Folder Type: Public or Private - the value depends on namespace in >> which the given folder resides. As noted before, there is some support >> for Public namespace in >> org.apache.james.mailbox.store.SimpleMailboxSession.sharedSpaces, >> whereby sharedSpaces is newer initialized with meaningful values. It >> needs to be done somehow. >> >> (ii) You have the following permissions: Read, Write, Insert, etc. - >> actually the result of MYRIGHTS IMAP Command for the given folder. >> > > (i) sorry for my ignorance, I didn't read the ACL RFC: In which way > SimpleMailboxSession.sharedSpaces is related to ACL? I am not a specialist in this area but I believe that SimpleMailboxSession.sharedSpaces (i.e. correctly advertised Public namespace) is used by the client when it lists the group folders accessible for the given user. So, group folders accessible for the given user may exist, but he will never see them until the sharedSpaces are set properly. > (ii) I understand from what you say that this tab is well related to IMAP > ACL. Yes >>> 2. The imap-acl-extension which implements ACL we are talking about (with >>> a >>> comment on the extension page which says thunderbird does not implement >>> ACL >>> - is this true?). >> >> >> I have never used imap-acl-extension and I cannot say how reliable it >> is. However I would not expect that it is usable to direct it towars >> James now as we do not advertise ACL in CAPABILITY. >> When we support ACL, imap-acl-extension could be one of the tools >> which allow users with sufficient rights for the given folder to >> modify its ACLs. E.g. a user with 'a' (Administration) right can grant >> e.g. 'rwl' to other users or groups. >> > > Got it. > > >>> 3. The advanced options for an account where you can define Public >>> (shared) >>> and Other Users folders (see >>> >>> http://www.kombitz.com/wp-content/uploads/2008/10/thunderbird-idle-300x269.jpg) >> >> >> Let us go through what the Advanced Account Settings dialog contains: >> >> Show only subscribed folders - the most valuable setting for me. The >> very first thing I do for IMAP accounts: set it to false >> > > Ok, but not related to ACL right >> Nested Folders support - surely related to \HasNoChildren and >> \HasChildren flags. >> > > Ok, but not related to ACL right >> IDLE support - does James support IDLE? >> > > Yes, IDLE is supported OK >> Number of connections - self explaining >> > > Yep > > >> 3 Namespace lines - there is not much value in setting them for a >> server which supports NAMESPACE command. If you allow the server to >> override your settings, your client will try to ask the server for >> correct values, ergo these values are defined by the server. >> > > OK > > >>> Is this 3 different ways of giving access to your mail folders to other >>> users? >> >> >> No, not three, just one. I see only 2. as a way of "giving access". >> > > Simpler. Thx for the confirmation. > > >>> Btw, how as a user can I configure my client to gain (not give) access to >>> a >>> mate folder? >> >> >> If you already have the needed rights granted, there are two variants >> in Thunderbird: >> >> (a) Show only subscribed folders = false -> Nothing else to do. >> Thunderbird shows you everything you are allowed to see. >> >> (b) Show only subscribed folders = true -> In the context menu of the >> folder tree go to Subscribe... there you see every folder you are >> allowed to see and you have to select which should be retrieved by >> Thunderbird for you. >> > > I will need to test it as soon as ACL will be available in James. > I expect to see the folders of other users that gave me access :) > >> Just turn on the IMAP logging in Thunderbird to see which IMAP >> commands is Thunderbird sending: >> http://wiki.dovecot.org/Debugging/Thunderbird >> >> Best, >> >> Gazda >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> > > -- > eric | http://about.echarles.net | @echarles > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
