On Mon, 2008-11-03 at 13:03 +0100, Bernhard Herzog wrote:
As you can see, the non-existing "foo.foo" isn't returned because its child "foo.foo.foo" also matches the pattern and is returned. But the non-existing "foo.bar" is returned because its children don't match the pattern. It took me forever to get all this stuff working right with Maildir++. :)
I can imagine :). The reason it should work with ACLs more or less automatically is that when the mailbox list is populated by acl_mailbox_try_list_fast, it only adds the mailboxes that the user can see using mailbox_list_iter_update. mailbox_list_iter_update takes care of filling in the nonexisting parent mailboxes if necessary.
That's not correct actually. acl_mailbox_try_list_fast adds all mailboxes that exist in dovecot-acl-list file, i.e. all mailboxes that have 'l' right set to someone (not necessarily to you). So if you have:
foo: owner <no rights> foo/bar: user=xyz l
Then "foo" should be visible as non-existing mailbox for user xyz, but no-one else. With your change it will be visible to everyone.
Of course, assuming there's a reason acl_mailbox_try_list_fast has a "try" in its name and that it actually can fail, foo, foo.foo and foo.bar could perhaps end up in the mailbox list even if they do not have children that are visible to the user.
The name implies that it could fail. But .. hmm. I'm not sure yet, have to look at the code some more. :)