Tran Hong Quan created JAMES-4191:
-------------------------------------
Summary: Deleted Message Vault should handle shared mailbox
visibility loss
Key: JAMES-4191
URL: https://issues.apache.org/jira/browse/JAMES-4191
Project: James Server
Issue Type: Bug
Components: deletedMessageVault
Reporter: Tran Hong Quan
## Why
Today:
- `MessageContentDeletionEvent` is emitted only when the message is no longer
referenced globally
- the event does not carry mailbox ACL context
This may prevent correctly Deleted Message Vault handling of mailbox-scoped
visibility loss scenarios for shared messages.
One scenario we need to verify with integration tests is:
- Alice owns mailbox A
- Bob has delegated read access to A
- Bob copies a message from A into a mailbox Alice cannot access
- Alice deletes the message from A
- Alice should have the deleted message appended to her DMV
Likely, the test would fail as of today.
More generally, shared-mailbox expunge can cause some users to lose access to a
message while others still retain access through another mailbox/reference.
We also should consider that impacted sharees should be able to restore deleted
shared-mailbox messages, too, not only the owner. For example, a secretary who
mainly handles messages for a minister may need to restore a message deleted by
mistake.
## How
1. Add integration tests in `DeletedMessageVaultIntegrationTest` to verify
shared-mailbox visibility-loss scenarios.
2. Enrich `MessageContentDeletionEvent` with mailbox ACL.
3. Adapt James consumers of that event so they can handle users who lost access
after an expunge.
The consumers expected to be revisited are:
- `DeletedMessageVaultDeletionListener`
- `MessageFastViewProjectionDeletionListener`
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
