Per user delete permissions

Hello everyone!

I’d like to start off by saying that Nextcloud has been awesome so far! Super fast and easy to set up and get running and a very good UI.

That being said, I’ve run into something with the permissions and sharing that I’m not quite sure how to solve. All new users are added to a group (Office group) which I have shared a top level directory to. Each user creates their job folders and is able to upload files into their folder and have them shared with the entire group.

This all works well, however I had previously blocked the Office group from being able to delete files. Now I would like to implement a way that users can delete their own files - but not those from other users - so that manager A can’t get mad at manager B and delete their files out of the shared folder.

Does what I’m describing make sense? Is there a way to allow only ownership deleting?

Have you looked into the “advanced permissions” on Group Folders? Group Folders is a separately enabled “app”.

It might support what you want. I have something similar I’m trying to do, though I just gave only admins permissions to delete.

1 Like

I am currently in the middle of looking through the group folders and advanced permissions, but I’m not seeing anything specific to ownership and deletion. I will let you know if I find anything that works.

Mine shows permissions in the details area when Advanced Permissions is checked in the Group Folders administration settings.

image

However … It’s not really based on ownership of the file per-se. It’s not exactly what you’re looking for, I would imagine, but as a work-around you could have sub-trees for individuals to have complete control. As far as I know (and I’m somewhat new to Nextcloud), anything more fine-grained is going to need more detailed attention to set up custom permissions for each file. In theory I could set up individual files to allow deletion by particular individuals, but that means manual intervention on a per-file basis. Not quite the tried-and-true user/group/world permissions system we may be used to.

I noticed the same thing, but I suppose the admin can always restore the file from trash. Just trying to have as little human admin intervention as possible - due to my laziness!

I’m digging into the automated tagging of files, but again I don’t see anything to create a tag based on the specific user, which could then be possibly used to deny deletion from members of a group and allow deletion from the user specifically.

Should this be something we send up the pole for a new feature request? Ownership based permissions control?

It would seem logical … Though I’ll admit I’m still learning the ways of the NextCloud. My current big wish is to get better formatting for Talk posts from my bots (e.g. links, bold, etc.)