JAMES-2175 Solve confusion between Read and Lookup - Read means: may read messages in the mailbox - Lookup means: may read mailbox name
Hence Lookup is required to read mailbox details. Lookup is irrelevant. Project: http://git-wip-us.apache.org/repos/asf/james-project/repo Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/833fa2f3 Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/833fa2f3 Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/833fa2f3 Branch: refs/heads/master Commit: 833fa2f3d908dae2fc673a6107d2fea7e535c092 Parents: 825d739 Author: benwa <btell...@linagora.com> Authored: Mon Oct 9 11:15:12 2017 +0700 Committer: Matthieu Baechler <matth...@apache.org> Committed: Mon Oct 16 17:59:40 2017 +0200 ---------------------------------------------------------------------- .../james/mailbox/store/StoreMailboxManager.java | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/james-project/blob/833fa2f3/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java ---------------------------------------------------------------------- diff --git a/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java b/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java index eec1788..3b3f790 100644 --- a/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java +++ b/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java @@ -678,6 +678,10 @@ public class StoreMailboxManager implements MailboxManager { @Override public List<MailboxMetaData> search(MailboxQuery mailboxExpression, MailboxSession session) throws MailboxException { + return searchMailboxes(mailboxExpression, session, Right.Lookup); + } + + private List<MailboxMetaData> searchMailboxes(MailboxQuery mailboxExpression, MailboxSession session, Right right) throws MailboxException { MailboxMapper mailboxMapper = mailboxSessionMapperFactory.getMailboxMapper(session); Stream<Mailbox> baseMailboxes = mailboxMapper .findMailboxWithPathLike(getPathLike(mailboxExpression, session)) @@ -686,7 +690,7 @@ public class StoreMailboxManager implements MailboxManager { List<Mailbox> mailboxes = Stream.concat(baseMailboxes, delegatedMailboxes) .distinct() - .filter(Throwing.predicate(mailbox -> isReadable(session, mailbox))) + .filter(Throwing.predicate(mailbox -> hasRightForCurrentUser(session, mailbox, right))) .collect(Guavate.toImmutableList()); return mailboxes @@ -711,16 +715,18 @@ public class StoreMailboxManager implements MailboxManager { return new MailboxPath(base, combinedName); } - private Stream<Mailbox> getDelegatedMailboxes(MailboxMapper mailboxMapper, MailboxQuery mailboxQuery, MailboxSession session) throws MailboxException { + private Stream<Mailbox> getDelegatedMailboxes(MailboxMapper mailboxMapper, MailboxQuery mailboxQuery, + MailboxSession session) throws MailboxException { if (mailboxQuery.isPrivateMailboxes(session)) { return Stream.of(); } return mailboxMapper.findNonPersonalMailboxes(session.getUser().getUserName(), Right.Lookup).stream(); } - private boolean isReadable(MailboxSession session, Mailbox mailbox) throws MailboxException { + private boolean hasRightForCurrentUser(MailboxSession session, Mailbox mailbox, + Right right) throws MailboxException { return (isSameUser(session, mailbox) && isUserNamespace(mailbox)) - || hasRight(mailbox, Right.Lookup, session); + || hasRight(mailbox, right, session); } private boolean isSameUser(MailboxSession session, Mailbox mailbox) { @@ -772,7 +778,7 @@ public class StoreMailboxManager implements MailboxManager { } private Stream<MailboxId> getAllReadableMailbox(MailboxSession session) throws MailboxException { - return search(MailboxQuery.builder().matchesAllMailboxNames().build(), session) + return searchMailboxes(MailboxQuery.builder().matchesAllMailboxNames().build(), session, Right.Read) .stream() .map(MailboxMetaData::getId); } --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org