You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@james.apache.org by bt...@apache.org on 2021/02/25 02:21:59 UTC
[james-project] 01/08: JAMES-3410 Email/set deletes should not
delete mails when no delete right
This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 443e78c54e99adc439fd703c0e4dd3b97004dfc7
Author: Benoit Tellier <bt...@linagora.com>
AuthorDate: Thu Feb 18 12:53:11 2021 +0700
JAMES-3410 Email/set deletes should not delete mails when no delete right
JMAP draft and JMAP RFC-8621 are both impacted. Not found was returned but
the not yet validated set was used for deletes.
Credits to LĂȘ Loan (https://github.com/tlle14) for spotting it.
---
.../org/apache/james/mailbox/store/StoreMessageIdManager.java | 10 ++++++----
.../mailbox/store/AbstractMessageIdManagerStorageTest.java | 9 +++++++++
.../james/jmap/rfc8621/contract/EmailSetMethodContract.scala | 2 ++
.../integration/vault/DeletedMessageVaultIntegrationTest.java | 2 +-
4 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMessageIdManager.java b/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMessageIdManager.java
index 9083844..a8f867d 100644
--- a/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMessageIdManager.java
+++ b/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMessageIdManager.java
@@ -221,17 +221,19 @@ public class StoreMessageIdManager implements MessageIdManager {
.stream()
.map(MailboxMessage::getMailboxId), Right.DeleteMessages);
- ImmutableSet<MessageId> accessibleMessages = messageList.stream()
+ List<MailboxMessage> accessibleMessages = messageList.stream()
.filter(message -> allowedMailboxIds.contains(message.getMailboxId()))
+ .collect(Guavate.toImmutableList());
+ ImmutableSet<MessageId> accessibleMessageIds = accessibleMessages.stream()
.map(MailboxMessage::getMessageId)
.distinct()
.collect(Guavate.toImmutableSet());
- Sets.SetView<MessageId> nonAccessibleMessages = Sets.difference(ImmutableSet.copyOf(messageIds), accessibleMessages);
+ Sets.SetView<MessageId> nonAccessibleMessages = Sets.difference(ImmutableSet.copyOf(messageIds), accessibleMessageIds);
- deleteWithPreHooks(messageIdMapper, messageList, mailboxSession);
+ deleteWithPreHooks(messageIdMapper, accessibleMessages, mailboxSession);
return DeleteResult.builder()
- .addDestroyed(accessibleMessages)
+ .addDestroyed(accessibleMessageIds)
.addNotFound(nonAccessibleMessages)
.build();
}
diff --git a/mailbox/store/src/test/java/org/apache/james/mailbox/store/AbstractMessageIdManagerStorageTest.java b/mailbox/store/src/test/java/org/apache/james/mailbox/store/AbstractMessageIdManagerStorageTest.java
index 8416d42..d9beb5b 100644
--- a/mailbox/store/src/test/java/org/apache/james/mailbox/store/AbstractMessageIdManagerStorageTest.java
+++ b/mailbox/store/src/test/java/org/apache/james/mailbox/store/AbstractMessageIdManagerStorageTest.java
@@ -360,6 +360,15 @@ public abstract class AbstractMessageIdManagerStorageTest {
}
@Test
+ void deleteAllShouldReturnNotDeleteWhenDeletingOnOtherSession() throws Exception {
+ MessageId messageId = testingData.persist(bobMailbox1.getMailboxId(), messageUid1, FLAGS, bobSession);
+
+ messageIdManager.delete(ImmutableList.of(messageId), aliceSession);
+
+ assertThat(messageIdManager.getMessage(messageId, FetchGroup.MINIMAL, bobSession)).hasSize(1);
+ }
+
+ @Test
void deleteMessageShouldThrowExceptionWhenDeletingOnSystemSession() {
MessageId messageId = testingData.persist(aliceMailbox1.getMailboxId(), messageUid1, FLAGS, aliceSession);
diff --git a/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/EmailSetMethodContract.scala b/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/EmailSetMethodContract.scala
index 8807ba3..1d4c1a8 100644
--- a/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/EmailSetMethodContract.scala
+++ b/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/EmailSetMethodContract.scala
@@ -4952,6 +4952,8 @@ trait EmailSetMethodContract {
| }, "c1"]
| ]
|}""".stripMargin)
+ assertThat(server.getProbe(classOf[MessageIdProbe]).getMessages(messageId, ANDRE))
+ .hasSize(1)
}
@Test
diff --git a/server/protocols/webadmin-integration-test/webadmin-integration-test-common/src/main/java/org/apache/james/webadmin/integration/vault/DeletedMessageVaultIntegrationTest.java b/server/protocols/webadmin-integration-test/webadmin-integration-test-common/src/main/java/org/apache/james/webadmin/integration/vault/DeletedMessageVaultIntegrationTest.java
index fe4be3f..2d20ea4 100644
--- a/server/protocols/webadmin-integration-test/webadmin-integration-test-common/src/main/java/org/apache/james/webadmin/integration/vault/DeletedMessageVaultIntegrationTest.java
+++ b/server/protocols/webadmin-integration-test/webadmin-integration-test-common/src/main/java/org/apache/james/webadmin/integration/vault/DeletedMessageVaultIntegrationTest.java
@@ -847,7 +847,7 @@ public abstract class DeletedMessageVaultIntegrationTest {
" {" +
" \"update\": {" +
" \"" + otherMailboxId.serialize() + "\" : {" +
- " \"sharedWith\" : {\"" + BART + "\": [\"l\", \"w\", \"r\"]}" +
+ " \"sharedWith\" : {\"" + BART + "\": [\"l\", \"w\", \"t\", \"r\"]}" +
" }" +
" }" +
" }," +
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org