Nextcloud Server version: [Nextcloud Hub 10 (31.0.7)]
Operating system and version: Debain 12 (bookworm)
Web server and version: Apache/2.4.62
PHP version: php8.2-fpm
Installation method: Manual installation
I would like to know if this is a matter related to the current new version of Nextcloud or if it’s an issue. Imagine a shared folder named ‘Tecnologia’ with ‘Edit/modify’ access granted to the group ‘XPTO’. However, within this folder, I would like to restrict access to just one file, ‘File01’. Is this possible?
Because if I share this file ‘File01’ and set it to read-only for the group ‘XPTO’, users from the group are still able to download, edit, etc. In Windows ACL, the more restrictive permission takes precedence in case of such conflicts.
Is there any way to do this in Nextcloud? That is, for the file not to inherit the permission settings from the ‘XPTO’ folder?
Good morning, first of all, thank you for your response.
This is for a very specific situation. I have a department folder “X” where everyone in that department has permission to modify, but there are some files provided to this department that the company wants to ensure are never deleted by any employee. These files should be read/consult-only.
I understand if this is a matter of Nextcloud policy, but I’d just like to confirm if that’s really the case—because I’m almost certain that in older versions I was able to do this. However, I can’t say that with absolute certainty
it was called “group folders” in older versions and is now referred to as “team folders” and needs to be installed from the app store. this app allows fine grained permissions for folders.
Not a particularly elegant solution. But you could also use the Link editor app to refer to the file outside the directory structure from within the directory structure. The file outside the directory structure will then have different access.
Team folders is nice. But a configuration error can be a security problem. It is not a good idea to put the file in the same file structure. The real problem is not Nextcloud. I think you have a design problem.
..Good afternoon, thank you for the response. I also understand that this wouldn’t be considered an issue with Nextcloud. But we in IT sometimes need to do “certain things” to meet the boss’s demands—who doesn’t want to hear about the technical details. So when we manage to find a workaround that makes things look the way he wants, we do it and everyone’s happy, haha.
Of course, we always aim to guide toward the best solution, but it’s not always possible. Your idea about the Editor Link actually shed light on something that will meet both needs—it looks the way he wants and, at the same time, keeps the proper design and structure…
@regrocsi@wwe
It’s best to try out both solutions. Even though Team Folders allows you to implement exactly what you need, I’m rather opposed to it. In the past, when normal network drives (CIFS/SMB) were still in use, no one would have thought of creating special rules for individual files in a substructure that did not apply to the higher-level structure. This is very error-prone.