Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: implement 'per user inherit' logic for folder delete permissions check #3404

Merged
merged 1 commit into from
Nov 18, 2024
Merged

fix: implement 'per user inherit' logic for folder delete permissions check #3404

merged 1 commit into from
Nov 18, 2024

Conversation

icewind1991
Copy link
Member

To test:

  • Enable "per user inherit" with occ config:app:set groupfolders acl-inherit-per-user --value true
  • Create groups G1 and G2
  • Create user U1 that is a member of G1 and G2
  • Create groupfolder F1 with full access for G1, G2 and admin and enable ACL for the groupfolder
  • As admin create F1/Test
  • As admin create an ACL rule for F1 which sets all permissions for G1 to allow
  • As admin create an ACL rule for F1/Test which sets the delete for G2 to deny

At this point the output of occ groupfolders:permissions <folder id> should look like:

+------+------------+-----------------------------------------+
| Path | User/Group | Permissions                             |
+------+------------+-----------------------------------------+
| /    | group: G1  | +read, +write, +create, +delete, +share |
| Test | group: G2  | -delete                                 |
+------+------------+-----------------------------------------+
  • As U1 try to delete F1/Test

Current behavior

Even though U1 sees the delete option, trying to delete the folder fails

New behavior

U1 can successfully delete the folder.

@icewind1991 icewind1991 added the 3. to review Items that need to be reviewed label Nov 8, 2024
@icewind1991 icewind1991 added this to the Nextcloud 31 milestone Nov 8, 2024
@icewind1991 icewind1991 requested review from provokateurin, a team, skjnldsv and come-nc and removed request for a team November 8, 2024 16:55
@icewind1991
Copy link
Member Author

/backport to stable30

@icewind1991
Copy link
Member Author

/backport to stable29

@icewind1991 icewind1991 force-pushed the per-mapping-merge-delete-folder branch 2 times, most recently from d6c719c to e4455ae Compare November 8, 2024 16:59
@icewind1991 icewind1991 force-pushed the per-mapping-merge-delete-folder branch from e4455ae to 5818777 Compare November 18, 2024 15:34
@icewind1991 icewind1991 merged commit 7927317 into master Nov 18, 2024
45 checks passed
@icewind1991 icewind1991 deleted the per-mapping-merge-delete-folder branch November 18, 2024 21:08
This was referenced Nov 18, 2024
Merged
Merged
@solracsf solracsf mentioned this pull request Dec 3, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@provokateurin provokateurin provokateurin approved these changes

@skjnldsv skjnldsv Awaiting requested review from skjnldsv skjnldsv was automatically assigned from nextcloud/server-backend

@come-nc come-nc Awaiting requested review from come-nc come-nc was automatically assigned from nextcloud/server-backend

Assignees
No one assigned
Labels
3. to review Items that need to be reviewed
Projects
None yet
Milestone
Nextcloud 31
Development

Successfully merging this pull request may close these issues.
2 participants
@icewind1991 @provokateurin