Groupfolder with "subtree" access rights



we’d like to use one directory structure for the shared files within our company. We’d like to avoid a cluttered set of individually shared directories, so I assume that the “groupfolder” App is basically what we need.

The directory structure we’d like to share within the company should have subdirectories with different permissions. For Example:

groupfolder/dir1 -> access for all
groupfolder/dir2/subdir1 -> access only for group1
groupfolder/dir2/subdir2 -> access only for group2
groupfolder/dir2/subdri3 -> access for all

is this possible without having “subdir1” and “subdir2” as a dedicated folder below the “shared” folder for users of group1 or group2?



Sorry, I am not really sure I understand the question. Could you rephrase it?


Basically we want to define a folder structure accessible for all users in the company with different access rights on subfolders – similar to a typical ACL definition in local file systems. I’ll try to describe the current situation and what we do not want with an example:

  • we have a shared Folder “company”, with access to all authenticated users
  • below “company”, we have a folder “department”. This folder has to have restricted access for only one group of users

If I define access rights in Nextcloud both for “company” and for “department”, a user with access to both has the following directory structure:


Our goal is to have a common directory structure for all users. If we define different access rights on subfolders users will see various folders below “shared” which are also in the “company” folder tree. This leads to a cluttered “shared” structure. Our goal is to prohibit the appearance of the “department” folder below “shared”.

I hope this makes it more understandable?


I think the best way would be the possibility to exclude sub(-sub)-folders from sharing…


Thank you, this gives a clear picture.

The user will always be able to change the directory structure to his likings: the individual can move around the shared folders as much as she likes.

If you create a folder inside one that is shared to all authenticated users, the created folder would also be available to any recipient of the parent folder. @rullzer correct me if i am wrong.

Currently, there is no way to force a share into a target folder(structure). Also I cannot think of a workaround, unfortunately.


A nice solution would be as described by me in the other reply.
Normally the folders are already sorted by owner. The problem is mostly that you do not want to share all subfolders. If there’s a functionality to disable some sub(-sub)-folders, I think this problem would be solved in most scenarios. I hope such functionality will be available in next versions :slight_smile:
I’ll create a ticket for that :smiley:


Feature request created:


Hi all,

thanks for the quick responses and the overview about the possibilities. We’ll review how to proceed.


Note that if this is a capability you want, you can contact to see if we can provide this.