I am looking for a way to secure my documents in my company. Is there a ay to secure some users to connect their account only in the app and not from web ?
Is there a way, once the access is reduced to app only to prevent downloading folders and pdf ? View only ?
Not sure, but probably not on a per user basis. If these users have an account, which they need in order to use the app, and if they can reach the login page, they can also log in… At least I don’t know a way to prevent browser logins only.
But be aware that if you serve something via Nextcloud, there will also be a way to download it. Because technically the client (browser, app, whatever…) has to download it in order to be able to present it to the user. In order to prevent this, you would have to use some kind of DRM like the big streaming providers such as Netflix do. But this is not something Nextcloud can do.
I know that there are no perfect solution cause you’ll always be able to download it in a different way.
I am working with people with little to know knowledge in the computing world. That is why narrowing the access to te android app with disabling the download button would be enough for me … But the 0 Bytes solution does not seem to work for me. I can still download the folders and the files
For view only you must use apps like OnlyOffice and/or Collabora with watermarking (secure view). Every HTTP-request is a download. It is not possible to prevent the download of files when you can display them in apps or web.
The option “Hide download” is a nice feature for all shares but does not really increase the security. The user can use browser developer tools (e.g. Firefox F12, network analysis) to find the documents. Every view is a download.
Sorry i can not read your options in the screenshot.
Change language to english and post a new screenshot.
Please control your global sharing option. Access with your domain and your admin: https://cloud.server.tld/settings/admin/sharing
(or Admin-Menu for Sharing)
Which version are you on? I’m not sure but I think they only added this feature recently for shares with “internal” users. Before it was only available for public shares / links…
@theo.villainne
There is no reshare option because you have disabled it in your global menu. I think download/not download is set to default. Which Nextcloud version do you use? @bb77
On my server (Nextcloud 24) is an option “Hide download” and not “Allow download”. Do you know the position of the option? Which Nextcloud version do you use?
24.0.3. But you’re right it only seems to be available on my test server which is on 24.0.3 RC1. Seems odd though, that they would introduce this with a minor release… So I’m not sure at the moment, why it isn’t available on my production instance, maybe it’s a checkbox somwhrere in the “Share” settings?
And one more thing. It seems only to be available for folders and not for a single file…
@bb77
Sorry i do not find it in Changelog - Nextcloud.
Maybe you can search it at Github and ask there. Not the question here but not good if really a change.
@theo.villainne
It’s funny that you don’t have an option to enable or disable download. Even if it does little for security.
Thats a screenshot of a shared link / public link. For “internal” shares the option is called “Allow download” like on my screenshot. But as I said in my previous post, I don’t have this option on my production instance with 24.0.3 either, but I have it on my test instance with 24.0.4 RC1…
I think secure view is more for professional use. Maybe you should discard this idea.
Perhaps describe in new words what your goal is. What data are we talking about? Perhaps it would make more sense to seek professional support.
I also don’t know if it would be sufficient to restrict access to Android, for example. The files are copied somewhere in the Android structure. This is not secure. I think you must access the date through secure view also on Android.