Robert Schetterer <robert@schetterer.org> writes:
Bernhard Herzog schrieb:
On 15.01.2009, Sascha Wilde wrote:
But should it just internally convert "owner" to "username" when replying? From our experience this would be a very good idea. Many clients recognize the username and handle those ACLs differently in there UI (for example they don't offer them for editing). But they don't understand "owner".
To work around this, we created a patch that tries to avoid the owner ACL entries. [...] i dont think you should mess around what clients think where should this end , the technical right and most clear description is owner, username can be very wide interpreted and may lead to technical problems in reading imap-acl i.e from horde imp or other mail clients later, as far i remember owner is use i.e in exchange too
Hi Robert,
I'm not quite sure if we are talking about the same thing. This is about the reply to the getacl command in the imap protocol (in opposite to the output in the clients UI).
I don't know about exchange, but most clients don't know about dovecots special meaning of "owner" but simply consider it an ordinary user name.
On the other hand I know horde imp (the Kolab Webclient is horde based) and I can assure you that it gets confused by dovecots current behavior: it does not recognize "owner" as "the actual owner of that mailbox" and does not handle the ACL in any special way while it _does_ recognize when the returned username is matching the current user and for instance horde prevents the user from changing his own right.
Further more there is no way in the IMAP ACL extension to determine the "owner" of an mailbox I'm aware of, so there would be no way for an client to resolve the "owner" ACL to an actual user, which makes the information rather useless.
cheers
Sascha Wilde OpenPGP key: 4BB86568 http://www.intevation.de/~wilde/ http://www.intevation.de/ Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998 Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner