Determining permission to another mailbox using RDO when user isin permission group

  • Thread starter Thread starter tEst
  • Start date Start date
T

tEst

Hi all,
I am currently using RDO to read the current permission rights to a
delegate´s mailbox. I´m currently struggling on one particular situation:
we use groups to set permissions to users instead of setting them
directly to the acl.
Here´s an excerpt of what I did so far:

Dim Folder As RDOFolder =
Sess.GetFolderFromPath(applicationObject.ActiveExplorer.CurrentFolder.FolderPath)
Dim ace As RDOACE
For Each ace In Folder.ACL
If ace.Name = Sess.CurrentUser.Name Then
MsgBox(CStr(ace.Rights))
If ace.CanDeleteAll = True And ace.CanCreateItems =
True Then
NAR(ace)
ace = Nothing
Folder = Nothing
Return True
End If
End If
Next
ace = Nothing
Folder = Nothing

But this returns only the rights of the current entry. If the user is in
a permission group (I think we ar talking about public dist lists) I
cannot determine the actual permission level of that particular user.
Does anybody have an idea on how to detect the correct permission level
of a particular user?
Am I completely wrong with my code above? Does there exist another
(maybe low level) MAPI property where I can read the current permission,
or is there an entry in the active directory which I can access?

Thanks for any tip!

-Mike
 
What do you see in Outlook when you look at that folder (RMB, Permissions
tab)?
What do you see in OutlookSpy (click IMAPIFolder, PR_ACL_TABLE tab)?

BTW, why are you using GetFolderFromPath? Use GetFolderFromID:

Dim Folder As RDOFolder =
Sess.GetFolderFromID(applicationObject.ActiveExplorer.CurrentFolder.EntryID)

Make sure you set RDOSession.MAPIOBJECT to Namespace.MAPIOBJECT from OOM to
make sure RDO and OOM use the same MAPI session.


Dmitry Streblechenko (MVP)
http://www.dimastr.com/
OutlookSpy - Outlook, CDO
and MAPI Developer Tool
 
Hi Dmitry,

I´m sorry to ask: what do you mean by RMB?

In OutlookSpy I can see the following as Rows:
Row # 0
Maibox123-Reviewers
Mailbox123-PublishingEditors

Within the Rows there are five entries for each row:
PR_EntryID
PR_Instance_Key
PR_Member_ID
PR_Member_Name
PR_Member_Rights

I understand that I can read the actual entry of each of these rows with
ace.rights, but there are two questions left:
1 - how can I determine that an entry is a group instead of a person ?
2 - how can I resolve such permission groups to determine if a
particular user has sufficient permissions(I need to determine if the
user has delete permission) on that folder ?

Thanks again,

Mike
 
By RMB I mean "right mouse button click", sorry about being cryptic.
When accessing ACE in RDO, you can use RDOACE.AddressEntry property to get
back the corresponding RDOAddressEntry object. You can them access the
RDOAddressEntry.DisplayType property and RDOAddressEntry.Members collection
to figure out the type of fthe address entry and (in case of a DL) access
its members.

Dmitry Streblechenko (MVP)
http://www.dimastr.com/
OutlookSpy - Outlook, CDO
and MAPI Developer Tool
 
Back
Top