Collabora document inherited share permission problem

Hi,

We’ve discovered something unexpected with Collabora.

Let’s say we have two teams of people organized in these groups.
Team1_group and Team2_group. And a third group Everyone_group.

An ‘admin’ user creates two folders, Team1_folder and Team2_folder.

Team1_group members have all permission on the Team1_folder
Team2_group members have all permission on the Team2_folder
Everyone_group has read only access to both Team1_folder and Team2_folder.

We do this for transparency/work ethics reasons, and it works great!

Now, let’s say a document in the Team1_folder gets shared, with write permissions, to the Team2_group.
Team2_group members see the shared document in their /root folder as expected and can download the file, modify it, and upload it (replacing the original). It works. Desktop sync also works. (Thank you for all this software. :heart_eyes: )

However, when using Collabora, a Team2_group member opening a document shared like this does not have write permissions, only readonly. It seems the Everyone_group permissions are been used here instead. :confounded:

Has anyone run in to this before?
Cheers.

Yes. Same thing when you click in the activity stream on a file name, you will most likely land at the read-only shared one.
There is currently no “most-priveledge” advantage when the same file ID is given to you in two different shares. Worth a feature request, IMHO.

1 Like

Oh dear, I hadn’t realized. That’s unfortunate.

Over at github?

Github, indeed: https://github.com/nextcloud/server