Extended ACL permissions for "upload only" without having read permissions

nextcloud / groupfolders

📁👩‍👩‍👧‍👦 Admin-configured folders shared by everyone in a group. https://github.com/nextcloud-releases/groupfolders

https://apps.nextcloud.com/apps/groupfolders

278 stars 85 forks source link

Extended ACL permissions for "upload only" without having read permissions #1723

Open kroerig opened 2 years ago

kroerig commented 2 years ago

How to use GitHub

Please use the 👍 reaction to show that you are interested into the same feature.
Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
Subscribe to receive notifications on status change and new comments.

Is your feature request related to a problem? Please describe. It would be very helpfull and nice to have a new extended right on groupfolders: Allow/Deny listing

Describe the solution you'd like Sometimes you have users that should be able to upload content to a folder, but must not see what others users have put in. NC has a right for that for shared folders, but groupfolders does not.

fschrempf commented 2 years ago

I currently don't know how this could be implemented. For users to view only the files they have uploaded themselves and hide all the other files, we would need to store the uploader of the file, but this is currently not the case. So we don't know which file was uploaded by whom and there are also no owners of the files in a groupfolder.

I'm thinking about closing this as "won't fix" for the moment as I don't see any way to do this in the current state.

CarlSchwan commented 2 years ago

I currently don't know how this could be implemented. For users to view only the files they have uploaded themselves and hide all the other files, we would need to store the uploader of the file, but this is currently not the case. So we don't know which file was uploaded by whom and there are also no owners of the files in a groupfolder.

For normal share with upload only permissions, we don't show the files the user already uploaded. Once a file is uploaded they can't remove it anymore. I guess the same behavior could be used here, but it is probably a better idea to just share the groupfolder with upload-only permission instead of replicating all the complex logic for upload only folder in groupfolder.

kroerig commented 2 years ago

In my case the folder is part of a predefind folder hierarchy. If I share this folder, the share would break out of the hierarchy and users would have to ways to access it. One for uploading files and one for viewing (for those who have the permission). This would break the workflow.

fschrempf commented 2 years ago

For normal share with upload only permissions, we don't show the files the user already uploaded. Once a file is uploaded they can't remove it anymore. I guess the same behavior could be used here, but it is probably a better idea to just share the groupfolder with upload-only permission instead of replicating all the complex logic for upload only folder in groupfolder.

Ah, ok. Thanks for clarifying. I didn't know this. Agreed!

fschrempf commented 2 years ago

In my case the folder is part of a predefind folder hierarchy. If I share this folder, the share would break out of the hierarchy and users would have to ways to access it. One for uploading files and one for viewing (for those who have the permission). This would break the workflow.

Ok, then let's keep this as feature request with low priority.