Inheritance of rights

Hi guys.
We are interested in inheritance of access rights. Do we understand correctly that it works from the root? All rights are inherited from the root.
We need to implement such a scheme. This can be done in nextcloud.


In general, the scheme is not complicated and straightforward.
We have an administrator who created the folder structure as shown in the diagram.
There are 3 groups which include one user. One group that includes all users.
According to the scheme, all users have read-only rights to the root directory.
Further, if we delve deeper into the tree, we see three directories, each group has access to its own directory with read and write rights, but other users only read.
Unfortunately, when testing such a scheme, we came across that the rights inherited from the root are transferred to other levels regardless if we even assign new rights inside the root directory.
Can this be bypassed or implemented with additional modules ?!
In part, we understand that no, but it’s better to ask)))))
Thank you

I presume that you’re using group folders?

If so, you create your group folder “A”, check the box under “advanced permissions” and add user/group to manage it,

Then create your directories “AA”, “AB”, “AC”.

Then you add ALL of your groups with read permission GRANTED, and all other permissions DENIED.

Then for each subdirectory, add ONLY the group that should be granted write access, and set read/write/create/delete as GRANTED.

1 Like

What do you mean by group directories? We have a regular Directory A to which a group has access in which all users are present.
We did as you described, but it doesn’t work.
According to your scheme, users see Directories AA AB, but groups assigned to these directories still cannot edit files or create subdirectories.

sounds same as German post Rightsmanagement in subfolders