Question: Integrating custom User Account Creation in NextCloud

ℹ️ Support
,
1

Hello,

I have a somewhat specific use case for NextCloud where I want to create many user accounts with limited access. For this purpose, I’ve created a bash and Python script that creates the user account and performs a series of operations (adding to groups, creating folders with their name and sharing them, copying folders, etc.).

Now, I want to incorporate this functionality into NextCloud, where a graphical mechanism for NextCloud administrators can input the information and save it. I was thinking of launching the process as a cron task at regular intervals to check for any new users to create.

I started looking into Tables for data entry, which seemed promising, but the application is somewhat young and unreliable.

Do you have any suggestions? Perhaps I’ve overlooked applications that would approach my desired functionality?

I also thought about creating disabled accounts and then activating them later. However, creating disabled accounts does not seem to be available in the graphical interface in the browser.

Nextcloud AIO v8.1.0
Nextcloud version: 28.0.4
Operating system and version: Debian 12 Linux 6.1.0-20-cloud-amd64 x86_64
Apache: Apache/2.4.58
PHP version: 8.2.17

Do you have any suggestion?

Regards,
Sylvain.

2

I think you should better explain what you are willing to achieve from a “business perspective”. Usually mass changes happen through command line tools like occ or api which could be used by any external tool. Using web interface for mass changes is not common IMHO.

Depending on your goal there might be better solution to use “single sign-on” sso using openidconnect or SAMl or LDAP - this is recommended if you have multiple applications you want to give a user access to. Other option could be guest account using the Guests app - when you want individual users without many permissions on your system…

3

Hi,

My question was more on the GUI side integrated in NextCloud. « Now, I want to incorporate this functionality into NextCloud, where a graphical mechanism for NextCloud administrators can input the information and save it »

:arrow_up: Sorry this was unclear, I mean triggering my custom creation process for one new account by a non-technical person.

I think you should better explain what you are willing to achieve from a “business perspective”.

My “business perspective” : automate a complex user creation process. Then give access to a NextCloud admin, without programmer nor command line skill, the ability to create single new limited account via a simple GUI. Also simple to maintain and design for me.

I managed to program occ and API. I will use script to perform mass import once.

So exposing the custom creation script to a GUI could look like using a NextCloud Forms:

image
image1098×533 98.8 KB

Above :arrow_up: a test I made with Forms.

But the integration with Forms and my script is somewhat complex and probably fragile. And Forms access somewhat require many clicks. And the action cannot be customized. Though I managed to trigger a custom script with Flow.

Here follows what I also tested, I’m quite joung at NextCloud skill, so I may have missed some hint, (so my post here) :wink:

  • Tables, too early not mature app, actual database storage or API unreliable
  • Flow, with Forms, generate a spreadsheet could be parsed, a bit complex and fagile
  • User creation as disabled account, need to provide a password and many clicks, cannot create disabled account in GUI (at creation step) (can be achieved by occ).
  • AppApi, with docker proxy, seems very complicated, not fully tested, long learning curve
  • Deck, create a card for a new User, no separated fields
  • Tasks, same thing as Deck
  • File, create a new_user folder then create something, folder or text file, too many steps, no fields could become corrupted easily
  • Custom Nextcloud App, too high learning curve for my profile to setup
  • :point_right: External Sites and custom App, need a form design and authenticate NextCloud logged in user to protect the custom app with extern auth. Complex too, but the path I’m currently testing. I’m also adding SSO and will try to authenticated the current session.
  • Bookmarks, not intended to open URL in nextcloud or to bookmark internal things in NextCloud, such as bookmarking (as favorite) a form created with Forms.

We could use guest account or shared by email on dedicated sub-folder. But we are interested in having dedicated account. The creation process is done. SSO is in PoC.

I may fallback to this setup, I still need a GUI to perform same basic input, to trigger my custom scripts.

I’m not a web developer and designing GUI with CSS and HTML is not my main skill. So I was experimenting in Nextcloud.

I’m actually done a custom form and API outside NextCloud in python. I’m also exploring SSO, if new perspective could come from here with keycloack.

My custom form, designed by IA. :arrow_down:

image
image665×581 65.8 KB

Here where I’m actually, I may have dug in some wrong direction. :wink::woman_shrugging::pick:

4

I still don’t get your motivation… integrated UI for user creation is not much more complicated than your form :man_shrugging:

image
image1115×1082 116 KB

and likely more stable and secure… I don’t get the reason why you try to build your own process…

5

Hello,

My motivation are:

  1. custom user creation process done programmatically, which includes: give uniq login name based on naming convention, create a new user with custom login, create a folder on other account for shared storage, copy custom folder content in the shared folder, create shares with readonly and readwrite permissions, generate user’s password, or send it onetime login link. etc.
  2. when the process is automated provide a limited non-programmer UI interface for a manager in order to create a new user. Such interface purpose is to speed up creation steps, limit creation mistake and to give separated input fields: Firstname, Lastname, email
  3. Automatically call the custom creation process defined in 1. (could be achieved by a cron task fetching the pending user to be created)

As you’ve suggested Guests app may provide some of this functionality. I’m also exploring it.

My main difficulty is not to perform the custom creation process, but to provide a way to trigger it for a manager point of view without technical knowledge… given I’m not a php developer, other wise I would have followed custom app tutorial and probably solved it since a week now.

My other motivation is also exploring Nextcloud potentials features on designing/providing UI forms with structured data and related APIs.

The user creation form (Admin > Users > New User) you’ve mentioned, is great for normal user creation process, not for custom one actually.

I re-tested it, it allows empty password despite it’s displayed as required.

Actually I could have chosen the “new user” form. If I could have assumed “Display name” could be “Firstname Lastname” is that order, so I could parse it. What about composed Firstname or Lastname? :thinking: (ex: Jean Yves Du Guy) Firstname: Jean Yves , Lastname: Du Guy

So I could have requiring the manager to only fill:

  • Username (temporary one before rename, need to be unique)
  • Display name
  • email
  • group empty, or a dedicated New_user may would be better. Actually I did that already.

image
image395×501 22 KB

:thinking: I think it’s a bit confusing.

Then I could get the newly created user from SQL, for example:

“list uid who are not in any group”

select u.uid 
from oc_users as u 
left join oc_group_user as g on u.uid = g.uid 
where g.uid is null;

or list user from new_user group (aka, pending user to be created)

select * from oc_group_user where gid = 'new_user';

occ can also somewhat achieve it too (you’ve to filter by yourselves, user in no group are not listed):

occ group:list

Then I can perform my custom creation on the retrieved list.

I hope it’s a bit more clear, sorry for the confusion.