-
Notifications
You must be signed in to change notification settings - Fork 87
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Extend permission assignment possibilities #763
Conversation
Signed-off-by: Miloslav Nenadal <nenadalm@gmail.com>
Signed-off-by: Miloslav Nenadal <nenadalm@gmail.com>
Signed-off-by: Miloslav Nenadal <nenadalm@gmail.com>
It solves problems for me. Creating nested groupfolders is no longer required. |
- inherited acls cannot be removed - if non inherited acl is removed, inherited acl takes it's place if any Signed-off-by: Miloslav Nenadal <nenadalm@gmail.com> # Conflicts: # src/client.js # src/components/SharingSidebarView.vue # src/model/Rule.js
Signed-off-by: Miloslav Nenadal <nenadalm@gmail.com>
e6c81bc
to
51efaf8
Compare
…ced permissions are enabled Signed-off-by: Miloslav Nenadal <nenadalm@gmail.com>
Signed-off-by: Miloslav Nenadal <nenadalm@gmail.com>
I was wondering if we should do this on a per group level (similar to how the read/write/delete default permissions are set). We also should think about if we need to handle the root folder differently here, since otherwise you always need to add an ACL for the root itself first to make sure it shows up in the users home.
I'm not entirely sure if the current code properly prevents users to adjust ACLs if they have limited access to a path due to other ACL limitations. Splitting users who can manage ACL and admin users adds a new level of complexity here, so for now I'd like to stick with the approach that there is no limitation for users who can manage ACLs and give those full read access to avoid unexpected behavior here. |
We need to deny access by default and since it's just different way of doing it, I don't mind. Should I change that? In case of using different policy for different groups I think my mind would blow up when trying to set permissions, but I have no intentions on doing so :)
Since it's consistent with other folders, I think it's fine. Maybe if users have some permissions on sub folders/files then these users should have read access to root as well? If so, should this work also for other folders other than root? Say there is file
ok. I'll change that. cc @janpekar |
What is the status of this pull request? It seems to be a very useful function. |
Does this pull request still have a chance to be merged? This PR would allow much easier managment of group folders with high member count and complex permission structures. |
I don't think this PR has the potential to be merged in its current state. This doesn't mean that it doesn't add value. But rather than applying a pile of changes to cover multiple different issues, we probably want to work out the single points that need to be improved or fixed in the according issues and find solutions for each one separately. We need to find solutions that don't add too much complexity and don't introduce too many (best: none) new user options that affect the overall behavior. Better fix the default behavior for all users instead. One of the main points of this PR seem to be the issues mentioned in the description above. Let's discuss these topics there. |
I'm closing this due to the reasons mentioned above and invite everyone involved to discuss the solutions in the linked issues, create new issues if required and come up with PRs that solve one problem at a time. |
this pr includes #761
new featues:
existing issues this will might solve:
please check if this pr solves Your problems. We are evaluating if it solves ours. In case functionality is ok, it might be wise to do some performance optimizations - might look into it later if it works as expected.