I want to give permissions for subfolders in Owncloud.
Example:
a user can edit and read all the files in a synchronized folder except some specific subfolders.
Im working with desktop client and web interface. Version: OwnCloud 8.0.3 (stable)
As far as I know a user has access to all his/her folders and files, plus any files that are shared with him/her by other users. You cannot restrict access to user's files if they are in that user's account.
My assumption is that you are an administrator and can create accounts, etc. A workaround might be the following, but it is a workaround and not the solution you've asked for:
If there are some files that you'd like more than one user, or only specific users to be able to view; you can share them using the web interface.
You could create a master user who has access to all files and then share with the other users from the master account.
If anyone knows any different to this please suggest an edit to my answer and I'll put it in.
Related
Is it easy for people to find "public" google sheets/docs?
Context: Storing some semi-sensitive data (individual user info, of non-sensitive nature) for an app beta-test in google sheets. Planning to migrate to some DB in the future, but for now, just using JavaScript to pull the data directly from the google sheets (since there are visualizations being dynamically updated by the sheets).
Yes, it's easy to get information. Search engines may index and cache the information. Then, there are bots, crawlers and scrapers. Do NOT put (semi)sensitive information in public. Implement google-oauth properly with google-sheets-api to get information. You can also use service-accounts
Yes, it can be easily accessed.
According to the official Google article Share files from Google Drive: when you set your file's General Access setting to public:
Anyone can search on Google and get access to your file, without signing in to their Google account.
What you can do:
In the case of your app beta-test in google sheets data, you may want to reconsider to change your file's General Access setting to one of the following (in descending order of security):
Restricted - Only people that you manually give access to can view or edit your files. When you click the share button, a prompt will show and you may manually add the users who can view or edit your files:
Afterwards, you may select a role for those users and then they can be notified afterwards through email.
On the other hand, you can share the link to others. A prompt will show like the one below if you send the url through Google Chat:
You may opt to select Don't give access which will result in the following view on the other user's end:
This would mean that if unauthorized users get hold of the file URL, they will still need to send an access request. If other users submit the request, an email notification will be sent to your mail inbox. Other users who also own the file will also be notified by mail.
Your Organization - If you use a Google Account through work or school, anyone signed in to an account in your organization can open the file. If you are an administrator in a work or school workspace, you may set how members can share content within the organization. The administrator can prevent the sharing of content with group members outside your organization. If external sharing is prohibited, only group members who are in your organization can access the group's shared content.
Anyone with the link - Anyone who has the link can use your file, without signing in to their Google Account. This option is least recommended because if the URL is leaked to unauthorized users, they can easily access the file.
References:
Share files from Google Drive
Share content with a group
Don’t make it public unless you want the public to see it. Use oauth to access.
I have a SharePoint online site with different users added (read-only). Everyone has a folder where they can store their personal documents.
Is there any way to make each account see only their own folder with their documents when they enter SharePoint online site? I can´t figure out the right way to do it; I need it to be some sort of personal storage.
You could change the folders permissions to make each folder only access to their own account. You could refer to this article to manage permissions for folders:
https://support.microsoft.com/en-us/office/stop-sharing-onedrive-or-sharepoint-files-or-folders-or-change-permissions-0a36470f-d7fe-40a0-bd74-0ac6c1e13323
I'm trying to create a custom master page template in a SharePoint Online environment. I'm using the Design manager to upload the design files. I've mapped the network drive like the page described and can open and view the files, but I cannot upload files to the location. Every time I try I get the following error:
Error 0x800700E0: Access Denied. Before opening files in this
location, you must first add the website to your trusted sites list,
browse to the website, and select the option to login automatically.
I've added the site to the trusted sites list, as well as selected the option to login automatically. The WebClient service is also running.
How can I upload files to this location?
The only explanation I can think of is that I am logged into windows on a Microsoft account, and I use a different Microsoft account for SharePoint. I can map the network drive fine, but when I try and map it with the option "Connect using different credentials", and I use my SharePoint Online account, I get the same access denied error.
Thanks
Check permissions for the document library/folder in which you're trying to write files. Folders like _Layout which resides at root level sometimes do not allow access of write. Global administrators have full access to these folders but tenant or site collection administrators may not have its access.... For example try opening this link in browser https://yoursharepointsite.com/_layouts/15/fonts this is where font files are like Arial.ttf or Comic sans.ttf So if you want to add new font to your sharepoint online themes you'll have to add files here.
Do this open SP Designer -> open main site -> browse left side menu for your folder and try copying something. If you can copy files there you should be able to copy through your mapped drive.
Also when you mapped drive in Windows Explorer didn't it ask for credentials, where you had to give in your Office365 login email then it can't be an issue of your windows credentials messing up with anything.
In this circumstance, it was actually the Trusted Sites that I had added. I added 'mysite.sharepoint.com' as well as '*.sharepoint.com' to my trusted sites. As soon as I also added: '*.lync.com', '*.microsoftonline.com' and "*.outlook.com", I had no problems writing to the directory
On our intranet, I want to provide a website that certain employees can access. The work they do on the site will be recorded and tagged with their user-name for identification if the need should arise. Of course users have already logged in to their workstation and they have supplied credentials to our Active Directory.
Rather than maintain an additional set of user logins and passwords for the website, and forcing users to enter this second set of credentials, I am wondering if they can just be silently authenticated when they pull up the site? Somehow the webpage would have to find out their Active Directory user name as known on their workstation. (I see no reason it would need their password.) And then, for their work, the website can store their actions tagged with their user name.
So: I'd log in to my workstation as "Mark" in domain "ONU-AD". I'd pull up the webpage "resolveticket.php". That page would not challenge me for credentials, but it can access my username and store that with my various actions.
NOTE: I have seen some questions and answers here that were more specific. But my initial question is general: is there a piece of tech that can help with this? What is it? (for example, should I try to do this with Java?) Many similar questions are about ways to get this information in a server-side script. But I am simply wanting the webpage sitting on the client computer to be able to get the user name and perhaps place it in an input (type="hidden") on a web form.
I have created visual studio online site using azure and backed by our company active directory.
And when going to user management site (example image, not my screenshot) in the search box I can see all the users from the active directory which means that I'm properly connected (I guess).
And here is the problem which I wasn't able to solve.
I would like to know if it is possible to automatically give read permissions to users from active directory that try to access the site.
Currently they can login, but when they access the site it says that they don't have permissions and I have to manually add them one by one and I don't want to do that.
Do I maybe need some special active directory group that I add there as a user or what? I'm not active directory admin so I don't have access to its settings.
Thank you for the help.
Currently VSO does not support AD groups. In addition, just because you assign a licence, does not mean that they should have permission to everything. You my be a special case, but the choice of access should be left to the Team Project owners.