Add a folder permission to grant full permissions to file owners

[aentwist]

User Story

I want to have shared folders where users are disallowed from editing or deleting others' files. Additionally, the folder owner should retain all permissions on the folder.

See https://help.nextcloud.com/t/shared-folders-limit-edit-delete-to-the-user-creating-the-file/90257 and https://help.nextcloud.com/t/per-user-delete-permissions/151461

Proposed Solution

Add a flag on folders to enable this behavior.

With this I could have something like,

• admin has full permissions (implicit)
• folder owner has full permissions - already implemented but may be affected
• uploader / file owner has full permissions
• group has read permission - group permissions are already implemented

This idea, in the wild - see https://en.wikipedia.org/wiki/Sticky_bit

For directories, when a directory's sticky bit is set, the filesystem treats the files in such directories in a special way so only the file's owner, the directory's owner, or [root user](https://en.wikipedia.org/wiki/Superuser) can rename or delete the file. Without the sticky bit set, any user with write and execute permissions for the directory can rename or delete contained files, regardless of the file's owner. Typically this is set on the [/tmp directory](https://en.wikipedia.org/wiki/Temporary_folder) to prevent ordinary users from deleting or moving other users' files.

The modern function of the sticky bit refers to directories, and protects directories and their content from being hijacked by non-owners; this is found in most modern Unix-like systems. Files in a shared directory such as /tmp belong to individual owners, and non-owners may not delete, overwrite or rename them.

Alternative Considerations

Notes

[lukas-schaetzle]

Would really love to see this feature. In my opinion it would especially be helpful for the group folders extension.