NB-Public/groupfolders
14
0
Fork 0
mirror of https://github.com/netzbegruenung/groupfolders.git synced 2024-05-01 17:14:51 +02:00
Code Issues Projects Releases Wiki Activity
file_folderfamily_woman_woman_girl_boy Admin-configured folders shared by everyone in a group.
554 commits 34 branches 44 tags 5.8 MiB
PHP 56%
JavaScript 32%
TypeScript 6.4%
Vue 4.1%
CSS 0.9%
Other 0.6%
Go to file
Julius Härtl 0078e2809e
Run babel loader on js 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-23 17:20:18 +02:00
.tx Fix tx config 2018-02-12 23:03:29 +01:00
appinfo Merge pull request #522 from nextcloud/enh/acl-manage-permission 2019-08-21 15:09:52 +02:00
img register folder icon only when the file app is being loaded 2019-05-07 18:36:48 +02:00
js Allow to select users and groups for acl management 2019-07-19 10:45:37 +02:00
l10n [tx-robot] updated from transifex 2019-08-23 02:37:16 +00:00
lib Merge pull request #523 from nextcloud/bugfix/18/rename-before.mount 2019-08-23 16:39:45 +02:00
screenshots add acl documentation to readme 2019-05-06 16:17:40 +02:00
src Merge pull request #522 from nextcloud/enh/acl-manage-permission 2019-08-21 15:09:52 +02:00
templates cosmetics on admin page 2019-03-12 20:04:18 +01:00
tests load phpunit trough composer 2019-05-08 15:47:23 +02:00
.babelrc Add @babel/plugin-transform-arrow-functions 2019-08-23 17:20:17 +02:00
.drone.yml Fix core branch on CI 2019-07-12 10:38:04 +02:00
.gitignore run syntax check in ci 2019-05-08 15:15:34 +02:00
.php_cs.dist run php-cs-fixer 2017-08-15 16:56:32 +02:00
.scrutinizer.yml add scrutinizer config 2017-04-06 16:03:51 +02:00
.travis.yml Fix core branch on CI 2019-07-12 10:38:04 +02:00
CHANGELOG.md Release 4.0.5 2019-08-02 11:25:59 +02:00
composer.json load phpunit trough composer 2019-05-08 15:47:23 +02:00
composer.lock load phpunit trough composer 2019-05-08 15:47:23 +02:00
Makefile Release 4.0.5 2019-08-02 11:25:59 +02:00
package-lock.json Add @babel/plugin-transform-arrow-functions 2019-08-23 17:20:17 +02:00
package.json Add @babel/plugin-transform-arrow-functions 2019-08-23 17:20:17 +02:00
postcss.config.js mount group folders and wip ui 2017-04-13 17:45:49 +02:00
README.md add acl documentation to readme 2019-05-06 16:17:40 +02:00
tsconfig.json update dependencies 2018-09-03 22:25:45 +02:00
webpack.dev.config.js bumb dependencies 2019-06-14 12:34:42 +02:00
webpack.prod.config.js Run babel loader on js 2019-08-23 17:20:18 +02:00

README.md

Group folders

Admin configured folders shared by everyone in a group.

Configure folders

Folders can be configured from Group folders in the admin settings.

After a folder is created, the admin can give access to the folder to one or more groups and a quota can be assigned for the folder.

edit

Permissions to the content of a group folder can be configured on a per-group basis.

permissions

Folders

Once configured, the folders will show up in the home folder for each user in the configured groups.

folders

Advanced Permissions

Starting with Groupfolders 2.1.0 and Nextcloud 16 you can enable "Advanced Permissions", this allows admins to configure permissions inside groupfolders on a per file and folder basis

advanced permissions

Advanced permissions have to be enabled for each groupfolder separably, after which an administrator can configure permissions for files and folders trough the web interface under the share options (if the administrator has access to the groupfolder) or trough an occ command.

Permissions are configure by setting one or more of "Read", "Write", "Create", "Delete" or "Share" permissions to "allow" or "deny", any permission not set will inherit the permissions from the parent folder. If multiple configured permissions for a single file or folder apply for a single user (such as when a user belongs to multiple groups), the "allow" permission will overwrite any "deny" permission.

Configuring advanced permissions trough occ

Advanced permissions can also be configured trough the occ groupfolders:permissions command.

To use the occ command you'll first need to find the id of the groupfolder you're trying to configure trough occ groupfolders:list.

Before configuring any permissions you'll first have to enable advanced permissions for the folder using occ groupfolders:permissions <folder_id> --enable. Then you can list all configured permissions trough occ groupfolders:permissions <folder_id>.

occ groupfolders:permissions 1
+------------+--------------+-------------+
| Path       | User/Group   | Permissions |
+------------+--------------+-------------+
| folder     | group: admin | +write      |
| folder/sub | user: admin  | +share      |
|            | user: test   | -share      |
+------------+--------------+-------------+

Permissions for files and folders can be set trough occ groupfolders:permissions <folder_id> --group <group> <path> -- <permissions> to set permissions for a group or occ groupfolders:permissions <folder_id> --user <user> <path> -- <permissions> to set permissions for a single user.

<permissions> can be one or more of the following options: -read, +read, -write, +write, -create, +create, -delete, +delete, -share or +share to set the set the respective permission to "deny" or "allow". You can delete a rule by passing clear as the <permissions> field.

To help with configuring nested permission rules, you can check the effective permissions a user has for a path using occ groupfolders:permissions <folder_id> --user <user> <path> --test.

Notes

  • Currently using encryption on group folders is not supported, all files stored within a group folder will be stored unencrypted.
  • A new Group folder currently overwrites user folders with the same name. While this does not cause data loss, the users will see the new (empty!) Group folder and wont be able to access their old folder. When the Group folder gets removed, the old folder reappears. While we look into forcing group folders to be unique in an upcoming update, we recommend administrators to make sure the names are unique, for example by prefixing them in a certain way like GS_ and instructing users not to name their own top-level folders in a similar way.
  • Currently actions will not be recorded in Activity-Stream
  • Folders will appear as external storage and may need to be addressed per client-basis for download

API

Group folders can be configured externally trough the OCS Api.

For all POST calls the required parameters are listed, for more information about how to use an OCS api see the Nextcloud documentation on the topic

The following OCS calls are supported.

  • GET apps/groupfolders/folders: Returns a list of call configured folders and their settings
  • POST apps/groupfolders/folders: Create a new group folder.
    • mountpoint: The name for the new folder.
  • GET apps/groupfolders/folders/$folderId: Return a specific configured folder and it's settings
  • DELETE apps/groupfolders/folders/$folderId: Delete a group folder.
  • POST apps/groupfolders/folders/$folderId/groups: Give a group access to a folder
    • group: The id of the group to be given access to the folder.
  • DELETE apps/groupfolders/folders/$folderId/groups/$groupId: Remove access from a group to a folder.
  • POST apps/groupfolders/folders/$folderId/groups/$groupId: Set the permissions a group has in a folder
  • POST apps/groupfolders/folders/$folderId/quota: Set the quota for a folder.
    • quota: The new quota for the folder in bytes, user -3 for unlimited.
  • POST apps/groupfolders/folders/$folderId/mountpoint: Change the name of a folder.
    • mountpoint: The new name for the folder.