πŸ™ˆ Create guest users which can only see files shared with them
ΠŸΠ΅Ρ€Π΅ΠΉΡ‚ΠΈ ΠΊ Ρ„Π°ΠΉΠ»Ρƒ
nextcloud-command 10994e255a Update npm and node engines versions
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
2024-01-16 13:15:08 +00:00
.github update workflows 2023-11-10 17:24:21 +01:00
.tx [tx-robot] Update transifex configuration 2022-10-01 02:35:00 +00:00
appinfo 3.0.1 2023-12-07 17:01:31 +01:00
img Add icon, fix #8 2017-04-28 11:17:00 +02:00
l10n Fix(l10n): Update translations from Transifex 2024-01-04 00:55:18 +00:00
lib fix permissions for whitelist reset 2023-12-07 16:52:21 +01:00
screenshots Update screenshots 2022-04-08 11:19:08 +02:00
src Include shareType in share select option data 2023-09-06 15:59:53 +01:00
templates/settings Use webpack global config 2020-07-26 11:28:52 +02:00
tests psalm fix 2023-11-10 17:42:00 +01:00
.eslintrc.js Use webpack global config 2020-07-26 11:28:52 +02:00
.gitignore Fix php-cs 2022-04-08 11:00:15 +02:00
.nextcloudignore Add krankerl 2021-08-18 11:45:36 +02:00
.php-cs-fixer.dist.php Improve psalm with stubs 2022-09-09 11:10:47 +02:00
CHANGELOG.md Bump version to 2.3.0 2022-09-22 20:17:28 +02:00
LICENSE Initial commit 2017-02-20 12:27:59 +01:00
Makefile Simplify makefile and fix bundles 2021-11-10 08:40:54 +01:00
README.md Add option to delete old guest accounts during auto-conversion 2021-07-14 18:31:11 +02:00
babel.config.js Migrate to latest babel config 2021-04-26 20:12:21 +02:00
composer.json Bump requirement to 28 2023-08-28 14:55:03 +02:00
composer.lock Chore(deps-dev): Bump vimeo/psalm from 5.16.0 to 5.17.0 2023-12-09 02:29:56 +00:00
krankerl.toml Add krankerl 2021-08-18 11:45:36 +02:00
package-lock.json Chore(deps): Bump follow-redirects from 1.15.3 to 1.15.4 2024-01-11 03:58:56 +00:00
package.json Update npm and node engines versions 2024-01-16 13:15:08 +00:00
phpunit.xml Update master php testing versions 2022-04-07 12:03:41 +02:00
psalm.xml fix(CI): Fix psalm updates 2023-08-28 14:55:06 +02:00
stylelint.config.js Bump global configs 2022-04-08 08:04:35 +02:00
webpack.js Add talk integration 2022-05-27 13:52:19 +02:00

README.md

Guests

Build Status

Create guest users which can only see files shared with them

Usage

  1. Create a guest user by typing their email address in to the sharing dialog.
  2. [Optionally] Set a display name for the guest user.
  3. [Optionally] Set a language for the invitation email (otherwise the server's default language will be used).
  4. [Optionally, only for group admins] Set the groups to put the guests in (note further documentation).
  5. The guest will receive an email invitation with a link to create an account. They only have access to files which are shared with them.

Special behavior under sharing restrictions

Nextcloud allows to restrict users to only share within the groups they are members of themselves (Settings > Administration > Sharing > Restrict users to only share with users in their groups)

If that setting is turned on, guests can only be invited by group admins.

Upon invitation, the group admin must select at least one of their adminstrated groups the guest shall be member of.

Note on share acceptance

Guest users automatically accept all files and folders that are shared with them - other than regular full users, who have to actively accept incoming shares since Nextcloud 18.

Restrictions on guest users

Apps

Administrators can set a whitelist of apps that guest users have access to.

By default the following are allowed:

  • activity
  • files_external
  • files_sharing
  • files_texteditor
  • files_trashbin
  • files_versions
  • firstrunwizard
  • gallery
  • notifications

Hide other users

By default, guests will not be able to list other users in the system, if a guest user gets added to a group he will be able to list users within that group (and, for example, share files with those users).

Auto-convert guest users into full users

Guest users who eventually turn into full users (provided by any other user back end like SAML, LDAP, OAuth, database...) can be automatically converted on their first login, while keeping their shares.

Prerequisites

  1. Nextcloud 18 or higher
  2. target user needs to have the same email address as the guest user
  3. config.php setting 'migrate_guest_user_data' => true,
  4. config.php setting 'remove_guest_account_on_conversion' => true if you want the old account to also be deleted. By default the old account will just be disabled.

Available occ commands

Create a guest user

The command occ guests:add can be used to create guest users on the command-line.

php occ guests:add [--generate-password] [--password-from-env] [--display-name [DISPLAY-NAME]] [--language [LANGUAGE]] [--] <created-by> <email>

For example:

OC_PASS=somepassword php occ guests:add --password-from-env --display-name "Max Mustermann" --language "de_DE" admin maxmustermann@example.com

The user will then be able to login with "maxmustermann@example.com" using the given password.

When using --generate-password instead of giving a password, a random password will be generated. The guest user should then use the "forgot password" link to reset it.

Please note that this command will only create the guest account, it will not send out any email.

List existing guest users

The following command will list existing guest users:

% php occ guests:list
+---------------------------+----------------+------------+---+
| Email                     | Name           | Invited By |   |
+---------------------------+----------------+------------+---+
| maxmustermann@example.com | Max Mustermann | admin      | 0 |
+---------------------------+----------------+------------+---+