1mail::ACCOUNT::delRigmhatisl(:3:xA)CCOUNT Synchronous API rmeafielr:e:nAcCeCOUNT::delRights(3x)
2
3
4

NAME

6       mail::ACCOUNT::delRights - Delete an access control list identifier
7

SYNOPSIS

9       #include <libmail/sync.H>
10
11       mail::ACCOUNT *mail;
12       mail::folder *folder;
13
14
15
16       bool  ok=mail->delRights (mail::folder *folder, std::string &errorIden‐
17       tifier, std::vector<std::string> &errorRights, std::string identifier);
18

USAGE

20       This function implements folder access control  lists  (ACLs).   Access
21       control  lists  define  who  is  allowed  to do certain operations on a
22       folder, or on messages in the folder.  Folder ACLs are  implement  only
23       for  IMAP accounts on IMAP servers that implement access control lists.
24       This function will fail if folder is not a folder  on  an  IMAP  server
25       that supports access control lists.
26
27       mail::folder::delRights  removes  identifier  from  the folder's access
28       control list.
29
30   IDENTIFIER
31       Not all servers support every one of the following access control  list
32       identifiers.  See the server's documentation to check which access con‐
33       trol list identifiers are implemented by the server:
34
35       ``anonymous'', or ``anyone''
36              This identifier refers  to  universal  access  rights  given  to
37              everyone, including anonymous users (if supported by server).
38
39       ``authuser''
40              Same  as  ``anyone'', except for anonymous users.  If the server
41              does not implement anonymous access, then ``anonymous'',  ``any‐
42              one'', and ``authuser'' are equivalent.
43
44       ``owner''
45              The owner of the mailbox that contains the folder.
46
47       ``administrators''
48              Any  member of a group that's defined as an administrator group,
49              in an implementation-defined way.
50
51       ``user=username''
52              A single system user, identified by username.
53
54       ``group=groupname''
55              Any system user that's part of a group identified by  groupname.
56              Groups  are  created  and managed by IMAP server-specific tools.
57              See the server's documentation for information on  creating  and
58              managing  groups  (if  the  groups  are  even implemented by the
59              server in the first place).
60
61       ``-identifier''
62              An access control list identifier may be prefixed  by  a  ``-'',
63              which  refers  to a ``negative right''.  Negative rights explic‐
64              itly revoke the associated access  rights  from  the  identifier
65              instead of granting the right.
66
67              Negative  rights  are  not  implemented by all servers.  See the
68              server's documentation to check if the server  implements  nega‐
69              tive access rights.
70
71              Note:  username  and  groupname  must  specified using the UTF-8
72              character set.
73
74   ACCESS RIGHTS
75       At this time, the following access rights are supported:
76
77       ``a''  Administrator access: view  and  change  folder  access  control
78              lists.
79
80       ``c''  Create subfolders.
81
82       ``e''  Expunge deleted messages from the folder.
83
84       ``i''  Insert, or add messages to the folder.
85
86       ``l''  List, or view the folder's existence.  If a folder does not have
87              the ``l'' access right, the server will not include this  folder
88              when  it's  asked  to  list all folders in the folder directory.
89              However, if the ``r'' access right is present, the folder may be
90              opened if the folder's name is known.
91
92       ``r''  Read,  or  open  the folder.  An attempt to open the folder will
93              fail without the ``r'' access right, even if the  folder's  name
94              is known.
95
96       ``p''  ``Post messages'' to the folder.  This access right is currently
97              listed in the ACL specification; however its  intention  is  not
98              clear,  and  most  servers  do  not do anything useful with this
99              access right.  It is listed here for information purposes only.
100
101       ``s''  Allow changing the read/unread status of messages in the folder.
102              The  server will not automatically clear the unread message sta‐
103              tus flag on messages after they are read,  or  let  this  status
104              flag be explicitly changed, without the ``s'' access right.
105
106       ``t''  Allow  tagging  of messages as deleted or undeleted.  The server
107              will prohibit changing the messages' deleted message status flag
108              without the ``t'' access right.
109
110       ``w''  Allow  changing  the  draft,  replied, and marked message status
111              flags.  The server will not allow changes to these flags without
112              the ``w'' access right.
113
114       ``x''  Allow  this  folder  to  be  removed.   The server will not this
115              folder to be deleted without the ``x'' access right.
116
117   EXTENDED ERROR REPORTING
118       Most IMAP servers have restrictions on  which  combinations  of  access
119       rights  are  valid for which folders.  See the IMAP server's documenta‐
120       tion to check for any access  rights  restrictions.   The  most  common
121       restriction  is  that  the  ``e'',  ``t'', and ``x'' access rights must
122       either be set together, as a group, or not.  The server will reject  or
123       ignore an attempt to set prohibited combinations of access rights for a
124       given folder.
125
126       Some IMAP servers implement an extended form of the access control list
127       protocol  which  makes it possible to obtain the server's restrictions.
128       When an attempt to set an invalid access right combination is rejected,
129       errorIdentifier will be set to indicate which identifier's access right
130       combination was rejected (usually it will be set to the same  value  as
131       identifier.
132
133       errorRights will be set to an array of strings, each strings consisting
134       of one or more access rights.  The first array element,  errorRights[0]
135       will  contain the minimum access rights required for this folder (which
136       may be an empty string if the  folder  does  not  require  any  minimum
137       access  rights  for  the  identifier).   Each remaining string lists an
138       optional access right allowed for this folder.  If  a  string  contains
139       more  than  one access right, it means that these access rights must be
140       added or removed from the access control list together, as a group.
141

RETURN CODES AND CALLBACKS

143       This method returns true if it succeeds, or false if it fails.  If  the
144       method  fails,  use mail::ACCOUNT::getErrmsg() to read a brief descrip‐
145       tion of the error.
146

SEE ALSO

148       mail::ACCOUNT::getMyRights(3x),           mail::ACCOUNT::getRights(3x),
149       mail::ACCOUNT::setRights(3x).
150
151
152
153                                 10 April 2006    mail::ACCOUNT::delRights(3x)
Impressum