plugins/acl: Document how to use group statements to make rulesets#1404
plugins/acl: Document how to use group statements to make rulesets#1404cmouse wants to merge 1 commit intodovecot:mainfrom
Conversation
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
cmouse
force-pushed
the
acl
branch
2 times, most recently
from
d4468ae to
d86714c
Compare
| Folders `Secret` and `FooBar` will have `user1` with rights, while folders `TopSecret` has `user2` with rights. | ||
| This includes user `admin` from namespace level. | ||
|
|
||
| User `user3` will have rights on anything that starts with `Foo`, including `FooBar`. |
There was a problem hiding this comment.
Umm. Are you sure? Your CI test doesn't test merging of groups. I've a feeling @acl_rule_set can only override another one, not be merged.
There was a problem hiding this comment.
yes, it does. at least namespace and mailbox acls are merged.
There was a problem hiding this comment.
i'll check if mailbox acls are merged too, i think i checked that once, but have to recheck.
There was a problem hiding this comment.
and mailbox acls are merged too, bit weirdly though. wildcard boxes are merged but descendants are not.
There was a problem hiding this comment.
not sure what to do here.
There was a problem hiding this comment.
Not sure what exactly it means that "wildcard boxes are merged but descendants are not". But in the above example, is FooBar accessible by both user1, user3 and admin? Could be also clearer if the text was replaced by a table of folder name / admin / user1 / user2 / user3 and filled with X or -
There was a problem hiding this comment.
it means that if you have acl for "foo" and "foo*", they are merged, but acl for "foo" and "foo/bar" are not.
2 participants
JIRA: DOV-8636