-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for additional arbitrary advanced share permissions #33458
Comments
I'm researching a bit how to extend the existing oc_share.permissions with additional "reserved" bits. When trying to set one of the higher bits, we will bump across multiple blocks, like this one: https://github.com/owncloud/core/blob/stable10/lib/private/Share20/Manager.php#L282 It reads the perms from the storage, which is max 31 and doesn't allow setting bits higher than that. This would imply either adding the extra bits also to the storage permissions, including storing them in oc_filecache, or finding all those code locations and manually adding the extra bits to the allowed part. In general it still feels a bit weird to reserve additional bits this way. |
having the additional bits on the storage layer means we need to support this on storage layer somehow, or always fill them with preset values. maybe storages would then need a new interface/capability for new permissions. If the capability is set, we let the storage have extra methods to retrieve said permissions from the underlying API. In general this approach is still limited by the number of reserved bits we want to have... |
With the extra tables approach, it would not affect the current code paths nor affect the storages. |
Whatever app is requiring the extra permissions might be working with the Node API and might expect the extra permissions to be part of said API. So either with approach 1) we would have them exposed as part of It sounds like even in this case we'd need to extend the storage API, or at least the SharedStorage to have a getExtraPermissions() field. If we don't want that we'd then need to be aware that we're talking to a shared storage inside the Node API (which we're not supposed to do) and then get the share model to read the extra permissions. That would be some kind of ugly shortcut... |
I made a quick prototype for I also looked into how to add new permissions easiest from the app level. I think the only approach which is actually possible without creating a code spaghetti is
|
I made POC for Approach 3 in the working branch https://github.com/owncloud/core/compare/secure_view_plugin by adding new field in share table with extra share permissions. The first app to use it will be Now, each app has to register with such thing during its startup:
This will result in such thing: So far it all looks good, will continue work in this direction and PR it for reviews @pmaier1 @PVince81 @DeepDiver1975 |
I started implementation on Approach 3 here - #33994 (comment). It looks good, but I need to decide on tech implementation details. |
I see also quite interesting difficulty. What if we do share permissions for apps specifically. But e.g. sharer has no access to the app e.g. richdocuments because of group membership, but needs to set permissions for other user which will use richdocuments? @PVince81 |
Setting such permissions which are universal will require another component in CORE which is universal across editors. |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 10 days if no further activity occurs. Thank you for your contributions. |
Add the ability to extend the current share permissions model and add more permissions as defined by apps.
Backend approaches
1) Reusing and extending the existing permissions field
The oc_filecache table has a field "permissions" and also oc_share.permissions for sharing permissions.
The value is a bitmask.
We could reuse additional bits.
Pros
Cons
1b) Reusing and extending the existing permissions field
Like 1) but store the permissions in a new field "oc_share.extraPermissions".
Pros
Cons
2) Use extra Webdav properties
The table "oc_properties" contains a list of arbitrary Webdav properties that can be set with PROPPATCH and retrieved with PROPFIND. They are attached to files by file id.
An app could define its own properties to represent additional permissions there.
When the time comes to enforce permissions, the app would need to read the permission from there manually.
Could also provide a permissions manager in core that hides this and exposes it via a public PHP API.
Pros
Cons
3) New table for additional permissions
Create a new table "oc_extra_permissions" with fields "fileid", "app_id", "permission_id", "active".
Need to keep this table in sync with "oc_filecache.fileid" for example with foreign keys or a background job to clear orphaned entries.
Provide a permissions manager in core that manages the permissions table and exposes a public PHP API for managing the permissions in there.
Pros
Cons
4) Use collaborative tags
An app could define a set of collaboratve tags which would define the permissions for everyone.
Pros
No core changes needed. Apps read the tags and decide how to apply restrictions.
Cons
Restriction is for all users, not per user.
Frontend approaches
Need a way for apps to be able to inject UI components.
This would not work on mobile so might need a way in backend to set translatable permission names.
An HTTP API needs to be provided for clients to be able to retrieve all possible translated permission names for a given file or folder, to be displayed as a list of checkboxes.
The text was updated successfully, but these errors were encountered: