Restrict access to shared folders

Is there a way to restrict access to shared folders individually? Like when I share a folder with all other users but only want certain users or groups to have access to one or more subfolders somewhere down the tree. This can be compared to file system access controls in a desktop system. The directory structure should remain intact, so sharing each subfolder individually isn’t desired (and too much work or subject to mistakes).

I’ve seen that Nextcloud 10 has something about it in its manual, but it’s not in 13 anymore. I have installed the app “File access control” mentioned there but it doesn’t appear anywhere on my files.

Nextcloud version: 13.0.0
Operating system and version: Ubuntu 16.04
Apache or nginx version: Apache 2.4
PHP version: 7.0

I think I’ve found where the access rules are set up. But the list of rules is not suitable for anything like file restrictions. I cannot even specify single folders or files. I could use tags for that, but tags can be removed just as easily by the user to gain access to a restricted directory. So that clearly isn’t helpful yet.

As of version 15 that I am using, I believe you can use invisible tags for this purpose to keep someone from removing them.

Oh, this topic is still there… I’m not interested in this use case anymore. We’ve set up a proper file server for internal use and only use Nextcloud for external file sharing (to be replaced with a custom solution) and calendar/contacts (might be replaced with the more powerful SOGo).