Closed robmueller closed 6 years ago
rsto
commented
6 years ago Cyrus currently treats anything not shared the same as non-existent. We could certainly implement what's described in this issue, but I wonder how to deal with leaking information that's probably not meant to be shared (mailbox tree structure, mailbox name, etc.) It sounds as if Cyrus should return a consistent subset of the tree, but we would anonymise/null all fields except id and parentId?
robmueller
commented
6 years ago There's no more leakage here than in IMAP. If I have a folder:
user.myaccount.foo.this.that
And share it with another user, then they see literally that entire folder name in their account, so they see all the intermediate folder names (e.g. "foo" and "this").
So if JMAP returns mailboxes with id + name + parentId and sets all of myRights entries to false, that's basically the same as what you see via IMAP.
rsto
commented
6 years ago OK. To be pedantic, I plan to return mailboxes with
robmueller
commented
6 years ago Sounds good, but one extra thing. Talking with @neilj, we also think the "role" should be returned (ala https://github.com/cyrusimap/cyrus-imapd/issues/2365)
rsto
commented
6 years ago Fixed in e6ed9ac8e63189bd857e3fedbc1739623421aa0e
When you do a Mailbox/get on a shared accountId, you get a list of the shared folders. However if a folder (X) is a sub-folder of a non-shared folder (Y), then the parentId of X is for folder Y, but folder Y doesn't appear in the Mailbox/get list, so X appears as an orphaned folder.
Mailbox/get should ensure that it returns a consistent hierarchy, including all mailboxes referenced by parentId. Any such folders that aren't accessible to the user in any way should just have appropriate ACLs returned (e.g. everything in myRights should be false).