i'm having the efffect that the output for --test with a user outside of an allowed group shows as result always +read, + write, +create, +delete, +share
Most likely one would test it with a user who is in a group with access to the groupfolder, so this was not discovered.
But since there is also the possiblity that a user has the mentioned access rights, it is misleading if users are displayed with +all when in fact they are forbidden completly.
It appears the permissions are enforced correct and only the output of occ is wrong.
At least there is no groupfolder displayed for users outside of the group, but I'm not sure if there is really not some way to access it.
I think there are two possible ways to solve this:
return "user not in group with access" (analog to "user does not exist")
return the correct access rights, which would be -read, -write, -create, -delete, -share
Of course if this is not only the output from occ which is wrong, then there is a bigger problem...
Nextcloud 19.0.0
Groupfolders 6.0.6
Steps to reproduce:
create a group folder, enable advanced permissions
try occ groupfolders:permissions <folder_id> --user <a_user_outside_an_allowed_group> <some_path> --test
output: +read, +write, +create, +delete, +share
Hello,
i'm having the efffect that the output for
--test
with a user outside of an allowed group shows as result always+read, + write, +create, +delete, +share
Most likely one would test it with a user who is in a group with access to the groupfolder, so this was not discovered. But since there is also the possiblity that a user has the mentioned access rights, it is misleading if users are displayed with +all when in fact they are forbidden completly.
It appears the permissions are enforced correct and only the output of occ is wrong. At least there is no groupfolder displayed for users outside of the group, but I'm not sure if there is really not some way to access it.
I think there are two possible ways to solve this:
-read, -write, -create, -delete, -share
Of course if this is not only the output from occ which is wrong, then there is a bigger problem...
Nextcloud 19.0.0 Groupfolders 6.0.6
Steps to reproduce: create a group folder, enable advanced permissions try
occ groupfolders:permissions <folder_id> --user <a_user_outside_an_allowed_group> <some_path> --test
output:+read, +write, +create, +delete, +share
Greetings, Uno