Advanced Permission Rules order matters, not working as documented #2043
Comments
|
Might be related to this issue #1212 |
|
Is this bug still present? If so, the documentation should at least be updated to mention that the rule order matters, and perhaps explain a workaround (how to get the rules in a desired order of precedence). |
joshtrichards
added
the
feature: acl
|
I can explain the difference in behaviour, even though I can not understand how one would decide to implement it as it has been. The difference in your case is that the rule for admins_compertida in your second screen shot is inherited from a parent folder (this can be seen by the missing x button right of the rule). Developers decided that permissiions in a child always override parent permission setting, even though they might originate from different groups. So if you get a permissions though group A in the parent folder and it is revoked through group B in the child, people that are in both groups do not have permission to the file. This is described in detail in issue #1212. So this issue can be closed and marked as duplicate of #1212 |
|
Duplicate of #1212 |
Hi,
I'm runnning Nextcloud v24.0.3 with Group Folders v12.0.1. I found a bug in the Advanced Permissions behavior.
The documentation states that if a user belongs to 2 different grups with different permissions, the most permissive rule will stand:
However, in practice only the rule at the top actually stands, and the order of those rules depend on how the rules are set. The order cannot be set manually.
This is the situation we are seeing:
A user belongs to both groups: "Everyone" and "Admins_compartida". If rules look like the following image, then the user can read the files.
But, if I modify the rules and the order changes (still trying to figure out why or how the order is affected), and the rules are set as the next image, then the same user can not access the files.
The text was updated successfully, but these errors were encountered: