A
Shared Folders

This section discusses Oracle Email shared folders.

This appendix contains the following topics:

Overview of Shared Folders

User folders can be shared with other users, distribution lists, or with everyone in a user's domain using access control lists (ACLs). Oracle Email supports ACLs defined in RFC 2086.

RFC 2086 defines the following namespaces:

Other user's namespace: A namespace that consists of mailboxes from the personal namespaces of other users.
Shared namespace: A namespace that consists of mailboxes that are intended to be shared amongst users.

In Oracle Email, folders within another user's namespaces are referred to as shared folders, and folders within shared namespaces are referred to as public folders.

If a folder is shared with everyone in a domain, it is called a public folder. Otherwise, if the folder is shared with one or more users or distribution lists, it is called a shared folder.

For IMAP, Oracle Email uses the following prefixes for shared and public folders:

#Shared/: All shared folders accessible to the user appear under this namespace in the folder listing
#Public/:All the public folders appear under this namespace in the folder listing

See Also:
Oracle Email Application Developer's Guide for shared folder information using OJMA

Understanding Access Control Lists for Shared Folders

ACLs are used to share folders with other identifiers in the Oracle Email system. Oracle Email identifiers are listed in Table A-1.

Table A-1 Oracle Email Identifiers

Identifier	Description
Users	Users are explicitly granted permissions to a folder
Distribution lists	A distribution list is granted permission, which implies that all the members of the distribution list have complete rights. If a member is added or removed from a distribution list, the rights are automatically updated.
Domain	All the users in the domain have the specified permissions.

Folders cannot be shared across domains. To share folders within a domain, you must have either domain or system administrator privileges.

The following domain rights can be granted:

Table A-2 Domain Rights

Domain Right	Description
l - lookup	Allows folders to be listed
r - read	Allows messages to be read from a folder
s - seen/unseen flag	Allows `seen` and `unseen` flag changes to be kept across sessions
w - write	Enables flags other than seen and delete to be stored
i - insert	Enables messages to be appended or copied into a folder
d - delete	Enables deleted flags for messages to be stored in a folder or expunge the folder
a - administer	Enables ACLs to be set and deleted on folders that are owned by other users

Oracle Email always grants lookup rights with other rights. All rights are grouped with lookup privileges. None of the other rights are tied together.

The following rules apply to folders:

Folders cannot be shared across domains
Folder owners have all rights on their folders
Only owners can rename or delete shared folders
Sub-folders under a shared folder do not inherit any rights
It is possible for multiple identifiers in an ACL to apply to a given user. For example, an ACL can include rights that are granted to a domain and mailing list that the user is a member of. In such cases, a union of rights are granted to the user. If a user is given specific rights, then only those rights at the user level are applicable.

For example, consider a user who is a member of group G1 and list L1, which been granted the following rights:

identifier     rights
==========     =======
G1             li
L1             lrs

In this case the user's rights are a union of li and lrs, or lrsi, as derived from membership in group G1 and list L1, respectively.

User level rights take precedence over other rights. For example, if a user has lr rights at the user level, then the applicable rights are lr.

Managing Public Folders

You must have system or domain privileges to create public folders. Public folders are first created in an administrator's private namespace. To make the folders public, you must give rights to the domain identifier.

Once a public folder is created, it can be administered by other administrators without specifying any rights. Public folders must be created with a unique name because they do not have a user name prefix. For example, if administrator A1 creates a public folder called public1, then administrator A2 cannot create a public folder with the same name.

Public folders count towards the owner's e-mail quota.

Administrators can grant more rights to other identifiers. For example, a user can be granted insert (i) rights to add messages to a public folder. This folder appears twice in the user's folder listing: as a public folder and as a shared folder.

A Shared Folders