Posted to notifications@james.apache.org by GitBox <gi...@apache.org> on 2022/11/28 03:14:37 UTC

[GitHub] [james-project] Arsnael commented on a diff in pull request #1332: JAMES-3756 JMAP Delegation extension specification

Arsnael commented on code in PR #1332:
URL: https://github.com/apache/james-project/pull/1332#discussion_r1033083447


##########
server/protocols/jmap-rfc-8621/doc/specs/spec/mail/delegation.mdown:
##########
@@ -0,0 +1,162 @@
+# Delegations extension
+
+> :information_source:
+> Not Implemented
+
+## Context
+This extension is specific to the Apache James server which defines methods to manage users' JMAP delegation settings.
+
+This extension to the JMAP specification enables to:
+
+- Manage accounts that a user delegates to access his account.
+- Manage accounts that a user is delegated to access.
+
+## Addition capability
+The URN `urn:apache:james:params:jmap:delegation` represents support for the Delegation data type and associated API methods.
+
+Servers supporting this specification MUST add this property to the capabilities object.
+
+## Addition to the Session object
+Servers supporting this specification MUST add the delegated accounts to the `accounts` property of the Session object.
+
+## Behavioral changes
+When `urn:apache:james:params:jmap:delegation` is specified, access to a delegated account is enabled through standard JMAP API calls
+but MUST except API calls to manage delegated account's delegation setting to avoid privilege escalation.
+
+## Delegation methods
+A **Delegation** object stores information about an email address that either has access to the user's account or delegates access
+to the user. The semantics for this object depends on the context of usage methods: either manage delegate accounts or delegated accounts.
+
+The delegation object MUST have the following properties:
+- **id**: `Id` (immutable; server-set)
+  The id of the Delegation.
+- **username**: `String` (immutable)
+  The email address of the user that either delegates or is delegated to this user account.
+
+A user can have multiple delegate accounts as well as multiple delegated accounts.
+
+A user can create, delete and retrieve his delegate accounts while only can delete and retrieve his delegated accounts.
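
Review bot: In "Behavioral changes", the clause "but MUST except API calls to manage delegated account's delegation setting" has no subject for the MUST and names neither the calls concerned nor the error returned, so an implementer cannot tell what has to be rejected. This is the rule that prevents privilege escalation, so state it directly: say that servers MUST reject those calls when they target a delegated account, list the methods, and give the error type.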

Review Comment:
   Find this a bit confusing too like above



##########
server/protocols/jmap-rfc-8621/doc/specs/spec/mail/delegation.mdown:
##########
@@ -0,0 +1,162 @@
+# Delegations extension
+
+> :information_source:
+> Not Implemented
+
+## Context
+This extension is specific to the Apache James server which defines methods to manage users' JMAP delegation settings.
+
+This extension to the JMAP specification enables to:
+
+- Manage accounts that a user delegates to access his account.
+- Manage accounts that a user is delegated to access.
+
+## Addition capability
+The URN `urn:apache:james:params:jmap:delegation` represents support for the Delegation data type and associated API methods.
+
+Servers supporting this specification MUST add this property to the capabilities object.
+
+## Addition to the Session object
+Servers supporting this specification MUST add the delegated accounts to the `accounts` property of the Session object.
+
+## Behavioral changes
+When `urn:apache:james:params:jmap:delegation` is specified, access to a delegated account is enabled through standard JMAP API calls
+but MUST except API calls to manage delegated account's delegation setting to avoid privilege escalation.
+
+## Delegation methods
+A **Delegation** object stores information about an email address that either has access to the user's account or delegates access
+to the user. The semantics for this object depends on the context of usage methods: either manage delegate accounts or delegated accounts.
+
+The delegation object MUST have the following properties:
+- **id**: `Id` (immutable; server-set)
+  The id of the Delegation.
+- **username**: `String` (immutable)
+  The email address of the user that either delegates or is delegated to this user account.
+
+A user can have multiple delegate accounts as well as multiple delegated accounts.
+
+A user can create, delete and retrieve his delegate accounts while only can delete and retrieve his delegated accounts.
+
+A server MUST not allow a delegated user to access and manage the owner user's delegation setting to avoid privilege escalation.
+
+The following JMAP methods are supported:
+
+### Delegate/get
+This method returns accounts that the user delegates to access his account.
+
+This is a standard "/get" method as described in [@!RFC8620], Section 5.1. The *ids* argument may be `null` to fetch all at once.
+
+A server MUST return the *SetError* type `forbidden` when a delegated user accesses the owner user's delegation setting.
+
+### Delegate/set
+This method allows the user to manage (create and delete) accounts that he delegates to access his account.
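
Review bot: Under `### Delegate/get`, "A server MUST return the *SetError* type `forbidden`" does not fit a "/get" call. In RFC 8620 a SetError is reported per object in a "/set" response (Section 5.3), while a "/get" that violates a permissions policy is rejected with the method-level error `forbidden`. Suggest wording this line as a method-level error and keeping SetError for `Delegate/set`.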

Review Comment:
   ```suggestion
   This method allows the user to manage (create and delete) accounts that he delegates its access to.
   ```
   



##########
server/protocols/jmap-rfc-8621/doc/specs/spec/mail/delegation.mdown:
##########
@@ -0,0 +1,162 @@
+# Delegations extension
+
+> :information_source:
+> Not Implemented
+
+## Context
+This extension is specific to the Apache James server which defines methods to manage users' JMAP delegation settings.
+
+This extension to the JMAP specification enables to:
+
+- Manage accounts that a user delegates to access his account.
+- Manage accounts that a user is delegated to access.
+
+## Addition capability
+The URN `urn:apache:james:params:jmap:delegation` represents support for the Delegation data type and associated API methods.
+
+Servers supporting this specification MUST add this property to the capabilities object.
+
+## Addition to the Session object
+Servers supporting this specification MUST add the delegated accounts to the `accounts` property of the Session object.
+
+## Behavioral changes
+When `urn:apache:james:params:jmap:delegation` is specified, access to a delegated account is enabled through standard JMAP API calls
+but MUST except API calls to manage delegated account's delegation setting to avoid privilege escalation.
+
+## Delegation methods
+A **Delegation** object stores information about an email address that either has access to the user's account or delegates access
+to the user. The semantics for this object depends on the context of usage methods: either manage delegate accounts or delegated accounts.
+
+The delegation object MUST have the following properties:
+- **id**: `Id` (immutable; server-set)
+  The id of the Delegation.
+- **username**: `String` (immutable)
+  The email address of the user that either delegates or is delegated to this user account.
+
+A user can have multiple delegate accounts as well as multiple delegated accounts.
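
Review bot: The `username` property is marked immutable but not server-set, so the client supplies it, yet its description ("The email address of the user that either delegates or is delegated to this user account") gives no rule for what the server accepts. Please document the outcome when the address does not belong to an existing user or is the account owner's own address, so that implementations reject the same inputs.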

Review Comment:
   I find this sentence confusing... What about:
   
   `A user can delegate his account to multiple users as well as have access to the account of multiple users.` 
   
   Or something like that?



##########
server/protocols/jmap-rfc-8621/doc/specs/spec/mail/delegation.mdown:
##########
@@ -0,0 +1,162 @@
+# Delegations extension
+
+> :information_source:
+> Not Implemented
+
+## Context
+This extension is specific to the Apache James server which defines methods to manage users' JMAP delegation settings.
+
+This extension to the JMAP specification enables to:
+
+- Manage accounts that a user delegates to access his account.
+- Manage accounts that a user is delegated to access.
+
+## Addition capability
+The URN `urn:apache:james:params:jmap:delegation` represents support for the Delegation data type and associated API methods.
+
+Servers supporting this specification MUST add this property to the capabilities object.
+
+## Addition to the Session object
+Servers supporting this specification MUST add the delegated accounts to the `accounts` property of the Session object.
+
+## Behavioral changes
+When `urn:apache:james:params:jmap:delegation` is specified, access to a delegated account is enabled through standard JMAP API calls
+but MUST except API calls to manage delegated account's delegation setting to avoid privilege escalation.
+
+## Delegation methods
+A **Delegation** object stores information about an email address that either has access to the user's account or delegates access
+to the user. The semantics for this object depends on the context of usage methods: either manage delegate accounts or delegated accounts.
+
+The delegation object MUST have the following properties:
+- **id**: `Id` (immutable; server-set)
+  The id of the Delegation.
+- **username**: `String` (immutable)
+  The email address of the user that either delegates or is delegated to this user account.
+
+A user can have multiple delegate accounts as well as multiple delegated accounts.
+
+A user can create, delete and retrieve his delegate accounts while only can delete and retrieve his delegated accounts.
+
+A server MUST not allow a delegated user to access and manage the owner user's delegation setting to avoid privilege escalation.
+
+The following JMAP methods are supported:
+
+### Delegate/get
+This method returns accounts that the user delegates to access his account.
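
Review bot: In "A server MUST not allow a delegated user to access and manage the owner user's delegation setting", the lowercase "not" is not an RFC 2119 keyword, and "access and manage" can be read as forbidding only the combination of the two. Suggest "A server MUST NOT allow a delegated user to access or manage the owner user's delegation setting", since this sentence carries the privilege escalation guarantee.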

Review Comment:
   ```suggestion
   This method returns accounts that the user has delegated access to.
   ```
   ?



##########
server/protocols/jmap-rfc-8621/doc/specs/spec/mail/delegation.mdown:
##########
@@ -0,0 +1,162 @@
+# Delegations extension
+
+> :information_source:
+> Not Implemented
+
+## Context
+This extension is specific to the Apache James server which defines methods to manage users' JMAP delegation settings.
+
+This extension to the JMAP specification enables to:
+
+- Manage accounts that a user delegates to access his account.
+- Manage accounts that a user is delegated to access.
+
+## Addition capability
+The URN `urn:apache:james:params:jmap:delegation` represents support for the Delegation data type and associated API methods.
+
+Servers supporting this specification MUST add this property to the capabilities object.
+
+## Addition to the Session object
+Servers supporting this specification MUST add the delegated accounts to the `accounts` property of the Session object.
+
+## Behavioral changes
+When `urn:apache:james:params:jmap:delegation` is specified, access to a delegated account is enabled through standard JMAP API calls
+but MUST except API calls to manage delegated account's delegation setting to avoid privilege escalation.
+
+## Delegation methods
+A **Delegation** object stores information about an email address that either has access to the user's account or delegates access
+to the user. The semantics for this object depends on the context of usage methods: either manage delegate accounts or delegated accounts.
+
+The delegation object MUST have the following properties:
+- **id**: `Id` (immutable; server-set)
+  The id of the Delegation.
+- **username**: `String` (immutable)
+  The email address of the user that either delegates or is delegated to this user account.
+
+A user can have multiple delegate accounts as well as multiple delegated accounts.
+
+A user can create, delete and retrieve his delegate accounts while only can delete and retrieve his delegated accounts.
+
+A server MUST not allow a delegated user to access and manage the owner user's delegation setting to avoid privilege escalation.
+
+The following JMAP methods are supported:
+
+### Delegate/get
+This method returns accounts that the user delegates to access his account.
+
+This is a standard "/get" method as described in [@!RFC8620], Section 5.1. The *ids* argument may be `null` to fetch all at once.
+
+A server MUST return the *SetError* type `forbidden` when a delegated user accesses the owner user's delegation setting.
+
+### Delegate/set
+This method allows the user to manage (create and delete) accounts that he delegates to access his account.
+
+This is a standard "/set" method as described in [@!RFC8620], Section 5.3, except the update part because of its limited usage.
+
+A server MUST return the *SetError* type `forbidden` when a delegated user accesses the owner user's delegation setting.
+
+### DelegatedAccount/get
+This method returns accounts that the user is delegated to access.
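
Review bot: In `### Delegate/set`, "except the update part because of its limited usage" leaves undefined what a server does when a client sends an `update` argument anyway. Please specify the outcome (for example, each entry reported in `notUpdated` with a stated SetError type) so that servers neither silently ignore nor accept it.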

Review Comment:
   ```suggestion
   This method returns accounts that the user has access to.
   ```



##########
server/protocols/jmap-rfc-8621/doc/specs/spec/mail/intro.mdown:
##########
@@ -153,6 +153,17 @@ This extension is specific to the Apache James server and enables to:
 
 * read quotas usage and limits on mailboxes.
 
+### urn:apache:james:params:jmap:delegation
+
+> :information_source:
+> Not implemented
+
+This represents support for the Delegation data type and associated API methods. Servers supporting this specification MUST add this property to the capabilities object.
+
+This extension is specific to the Apache James server and enables to:
+
+* manage accounts that a user delegates to access his account, and manage accounts that a user is delegated to access.
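
Review bot: The new `### urn:apache:james:params:jmap:delegation` entry says servers "MUST add this property to the capabilities object" but not what value the property takes. Please state the value (for example, an empty object if the capability has no parameters) so clients know what to expect in the Session object.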

Review Comment:
   ```suggestion
   * manage accounts that a user delegated access to, and accounts that a user is allowed to access.
   ```



##########
server/protocols/jmap-rfc-8621/doc/specs/spec/mail/delegation.mdown:
##########
@@ -0,0 +1,162 @@
+# Delegations extension
+
+> :information_source:
+> Not Implemented
+
+## Context
+This extension is specific to the Apache James server which defines methods to manage users' JMAP delegation settings.
+
+This extension to the JMAP specification enables to:
+
+- Manage accounts that a user delegates to access his account.
+- Manage accounts that a user is delegated to access.
+
+## Addition capability
+The URN `urn:apache:james:params:jmap:delegation` represents support for the Delegation data type and associated API methods.
+
+Servers supporting this specification MUST add this property to the capabilities object.
+
+## Addition to the Session object
+Servers supporting this specification MUST add the delegated accounts to the `accounts` property of the Session object.
+
+## Behavioral changes
+When `urn:apache:james:params:jmap:delegation` is specified, access to a delegated account is enabled through standard JMAP API calls
+but MUST except API calls to manage delegated account's delegation setting to avoid privilege escalation.
+
+## Delegation methods
+A **Delegation** object stores information about an email address that either has access to the user's account or delegates access
+to the user. The semantics for this object depends on the context of usage methods: either manage delegate accounts or delegated accounts.
+
+The delegation object MUST have the following properties:
+- **id**: `Id` (immutable; server-set)
+  The id of the Delegation.
+- **username**: `String` (immutable)
+  The email address of the user that either delegates or is delegated to this user account.
+
+A user can have multiple delegate accounts as well as multiple delegated accounts.
+
+A user can create, delete and retrieve his delegate accounts while only can delete and retrieve his delegated accounts.
+
+A server MUST not allow a delegated user to access and manage the owner user's delegation setting to avoid privilege escalation.
+
+The following JMAP methods are supported:
+
+### Delegate/get
+This method returns accounts that the user delegates to access his account.
+
+This is a standard "/get" method as described in [@!RFC8620], Section 5.1. The *ids* argument may be `null` to fetch all at once.
+
+A server MUST return the *SetError* type `forbidden` when a delegated user accesses the owner user's delegation setting.
+
+### Delegate/set
+This method allows the user to manage (create and delete) accounts that he delegates to access his account.
+
+This is a standard "/set" method as described in [@!RFC8620], Section 5.3, except the update part because of its limited usage.
+
+A server MUST return the *SetError* type `forbidden` when a delegated user accesses the owner user's delegation setting.
+
+### DelegatedAccount/get
+This method returns accounts that the user is delegated to access.
+
+This is a standard "/get" method as described in [@!RFC8620], Section 5.1. The *ids* argument may be `null` to fetch all at once.
+
+A server MUST return the *SetError* type `forbidden` when a delegated user accesses the owner user's delegation setting.
+
+### DelegatedAccount/set
+This method allows the user to delete accounts that he is delegated to access.
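
Review bot: In `### DelegatedAccount/set`, "delete accounts that he is delegated to access" reads as destroying the account itself, while the object being removed is the Delegation that grants access. Suggest saying that the method removes the user's access to the account and, since "Addition to the Session object" requires delegated accounts to appear in `accounts`, that the account is dropped from the Session object afterwards.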

Review Comment:
   ```suggestion
   This method allows the user to delete accounts that he has access to.
   ```


