[imp] IMAP ACLs [PATCH]

Chris Hastie lists at oak-wood.co.uk
Tue Feb 4 17:21:01 PST 2003


On Tue, 4 Feb 2003, Adam Tauno Williams <adam at morrison-ind.com> wrote
>
>I get the following messages after picking a folder to modify
>
>Notice: Undefined index: adam in /var/www/html/horde/imp/lib/ACL/rfc2086.php on
>line 388
>Warning: array_key_exists() [function.array-key-exists]: The second argument
>should be either an array or an object in
>/var/www/html/horde/imp/lib/ACL/rfc2086.php on line 388

I think these are to do with your use of groups, which I didn't actually 
consider at all. I assume the user 'adam' does not have any rights 
defined as an individual on this folder. This would be at the heart of 
both these problems.

>Have I missed configuring something?

No, I missed supporting groups. These are implementation specific and 
not really defined by RFC2086.

>Also,  I'm a member of group cis,  and
>group:cis is listed in the current permissions with the "a" privilage,  but it
>says I don't have permission to change it.

It only checks that you have the 'a' privilege, not any groups you are a 
member of. The concept of groups presents a bit of a problem here.

Imp can not easily find out what Cyrus groups you are a member of. It 
follows that Imp can not actually decide whether or not you can edit 
access to a folder. The only way I can really deal with this is to 
remove all checking and let you try to change the privileges, reporting 
an error if the server returns one. Doing this would sort out the 
notices and warnings you got too, since these come from the function 
IMP_ACL_rfc2086::canEdit(), the function that currently tries to work 
out if you have sufficient privileges to change an ACL but fails to 
account for groups.

So the simple solution here is to replace this function (in 
imp/lib/ACL/rfc2086.php) with:

     function canEdit($acl, $user) {
             return true;
     }

-- 
Chris Hastie


More information about the imp mailing list