JAMES-2182 Fix rights for SELECT, STATUS

mpt/impl/imap-mailbox/core/src/main/resources/org/apache/james/imap/scripts/SharingAccessL.test

@@ -38,10 +38,8 @@ C: a1 MYRIGHTS #user.boby.mailbox-l
 S: \* MYRIGHTS \"#user.boby.mailbox-l\" \"l\"
 S: a1 OK MYRIGHTS completed.
 
-# TODO should have had failed
 C: a2 STATUS #user.boby.mailbox-l (MESSAGES)
-S: \* STATUS \"#user.boby.mailbox-l\" \(MESSAGES 0\)
-S: a2 OK STATUS completed.
+S: a2 NO STATUS failed. Status failed.
 
 # Ensure we cannot write in the mailbox
 C: a4 SELECT INBOX
@@ -67,16 +65,7 @@ S: a5 NO SETACL You need the Administer right to perform command SETACL on mailb
 C: a7 CREATE #user.boby.mailbox-l.evev
 S: a7 NO CREATE processing failed.
 
-# TODO should have had failed
 C: a3 SELECT #user.boby.mailbox-l
-S: \* OK \[MAILBOXID \(.*\)\] Ok
-S: \* FLAGS \(.*\)
-S: \* .* EXISTS
-S: \* .* RECENT
-S: \* OK \[UIDVALIDITY .*\] UIDs valid
-S: \* OK \[PERMANENTFLAGS\] No permanent flags permitted
-S: \* OK \[HIGHESTMODSEQ .*\] Highest
-S: \* OK \[UIDNEXT .*\] Predicted next UID
-S: a3 OK \[READ-ONLY\] SELECT completed.
+S: a3 NO SELECT failed.
 
 

protocols/imap/src/main/java/org/apache/james/imap/processor/AbstractSelectionProcessor.java

@@ -58,6 +58,7 @@
 import org.apache.james.mailbox.MessageManager.MailboxMetaData;
 import org.apache.james.mailbox.MessageUid;
 import org.apache.james.mailbox.ModSeq;
+import org.apache.james.mailbox.exception.InsufficientRightsException;
 import org.apache.james.mailbox.exception.MailboxException;
 import org.apache.james.mailbox.exception.MailboxNotFoundException;
 import org.apache.james.mailbox.model.MailboxACL;
@@ -109,7 +110,7 @@ protected Mono<Void> processRequestReactive(R request, ImapSession session, Resp
                 return ReactorUtils.logAsMono(() -> LOGGER.debug("Select failed as mailbox does not exist {}", mailboxName, e));
             })
             .onErrorResume(MailboxException.class, e -> {
-                no(request, responder, HumanReadableText.SELECT);
+                no(request, responder, HumanReadableText.FAILED);
                 return ReactorUtils.logAsMono(() -> LOGGER.error("Select failed for mailbox {}", mailboxName, e));
             });
     }
@@ -400,6 +401,12 @@ private Mono<MailboxMetaData> selectMailbox(MailboxPath mailboxPath, ImapSession
         final SelectedMailbox currentMailbox = session.getSelected();
 
         return Mono.from(mailboxManager.getMailboxReactive(mailboxPath, mailboxSession))
+            .<MessageManager>handle(Throwing.biConsumer((mailbox, sink) -> {
+                if (mailboxManager.hasRight(mailbox.getMailboxEntity(), MailboxACL.Right.Read, mailboxSession)) {
+                    sink.next(mailbox);
+                }
+                sink.error(new InsufficientRightsException("'r' right is needed to select a mailbox"));
+            }))
             .flatMap(Throwing.function(mailbox -> selectMailbox(session, responder, mailbox, currentMailbox)
                 .flatMap(Throwing.function(sessionMailbox ->
                     mailbox.getMetaDataReactive(recentMode(!openReadOnly, mailbox, mailboxSession), mailboxSession, EnumSet.of(MailboxMetaData.Item.FirstUnseen, MailboxMetaData.Item.HighestModSeq, MailboxMetaData.Item.NextUid, MailboxMetaData.Item.MailboxCounters))

protocols/imap/src/main/java/org/apache/james/imap/processor/StatusProcessor.java

@@ -44,10 +44,12 @@
 import org.apache.james.mailbox.MessageManager.MailboxMetaData.RecentMode;
 import org.apache.james.mailbox.MessageUid;
 import org.apache.james.mailbox.ModSeq;
+import org.apache.james.mailbox.exception.InsufficientRightsException;
 import org.apache.james.mailbox.exception.MailboxException;
 import org.apache.james.mailbox.exception.MailboxNotFoundException;
 import org.apache.james.mailbox.model.ComposedMessageIdWithMetaData;
 import org.apache.james.mailbox.model.FetchGroup;
+import org.apache.james.mailbox.model.MailboxACL;
 import org.apache.james.mailbox.model.MailboxId;
 import org.apache.james.mailbox.model.MailboxPath;
 import org.apache.james.mailbox.model.MessageRange;
@@ -59,6 +61,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import com.github.fge.lambdas.Throwing;
 import com.google.common.collect.ImmutableList;
 
 import reactor.core.publisher.Flux;
@@ -121,6 +124,12 @@ protected Mono<Void> processRequestReactive(StatusRequest request, ImapSession s
 
     private Mono<MailboxStatusResponse> sendStatus(MailboxPath mailboxPath, StatusDataItems statusDataItems, Responder responder, ImapSession session, MailboxSession mailboxSession) {
         return Mono.from(getMailboxManager().getMailboxReactive(mailboxPath, mailboxSession))
+            .<MessageManager>handle(Throwing.biConsumer((mailbox, sink) -> {
+                if (getMailboxManager().hasRight(mailbox.getMailboxEntity(), MailboxACL.Right.Read, mailboxSession)) {
+                    sink.next(mailbox);
+                }
+                sink.error(new InsufficientRightsException("'r' right is needed to status a mailbox"));
+            }))
             .flatMap(mailbox -> sendStatus(mailbox, statusDataItems, responder, session, mailboxSession));
     }