AI prompts
base on ๐๐ฉโ๐ฉโ๐งโ๐ฆ Admin-configured folders shared by everyone in a group or team. https://github.com/nextcloud-releases/groupfolders <!--
- SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
- SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Team folders
[](https://api.reuse.software/info/github.com/nextcloud/groupfolders)
๐๐ฉโ๐ฉโ๐งโ๐ฆ Admin configured folders accessible by everyone in a group in Nextcloud.
## References
* **[Known issues and FAQs](https://github.com/nextcloud/groupfolders/issues/1414)**
* **[Release Notes](https://github.com/nextcloud-releases/groupfolders/releases)[^1]**
* **[App Store](https://apps.nextcloud.com/apps/groupfolders)**
[^1]: The releases are now managed in a [dedicated release repository](https://github.com/nextcloud-releases/groupfolders/releases). The releases in this repository may be outdated.
## Configuring Team folder
Team folders can be configured through *Team folders* under *Administration settings*.
After a folder is created, the admin can give access to the folder to one or more groups, users or Teams (formerly Circles). A quota can be assigned for the folder and advanced permissions can be activated and configured.
Permissions to the content of a Team folder can be configured on a per-group/team/user basis.
The configuration options include the _Write_, _Share_ and _Delete_ permissions for each group.
## Using Team folders
Once configured, the folders will show up in the home folder for each user in the configured groups or teams.
## Setting Advanced Permissions
_Advanced Permissions_ allows entitled users to configure permissions inside Team folders on a per file and folder basis.
Permissions are configured by setting one or more of "Read", "Write", "Create", "Delete" or "Share" permissions to "allow" or "deny". Any permission not explicitly set will inherit the permissions from the parent folder. If multiple configured advanced permissions for a single file or folder apply for a single user (such as when a user belongs to multiple groups), the "allow" permission will overwrite any "deny" permission. Denied permissions configured for the Team folder itself cannot be overwritten to "allow" permissions by the advanced permission rules.
Take a look at this example to understand how to properly configure Advanced Permissions for more complex scenarios with multiple groups or Teams:
1. You have the groups "Management", "Employees" with some users only belonging to "Management", but everyone being part of "Employees".
2. You configure a Team folder and add the groups "Management", "Employees" with "Read" and "Write" permissions.
3. For a sub folder in the Team folder you explicitly configure the group "Employees" to have NO "Write" permission, but still "Read" permission.
4. For the same sub folder you configure "Management" to have "Read" and "Write" permissions.
Now only users in the "Management" group can write in the sub folder, while all users in the "Employees" group can not.
Note that currently (Nextcloud 31/Hub 10) you need to be a member or admin of a team in order to assign it to a Team folder.
All ACL rules always need to have the least permissions for any user/group/Team with access to the sub folder.
For those users/groups/Teams that need more permissions you need to add a second rule that grants them the desired permissions.
Users or whole groups can be entitled to set advanced permissions for each Team folder separately on the Team folders admin page.
For entitlements, only users from those groups are selectable which have to be configured selected in the Groups column.
## Configuration parameters
Some settings are currently only exposed via `config/config.php`:
### Default quota for new Team folders
```injectablephp
'groupfolders.quota.default' => -3,
```
The special value `-3` means unlimited and any other value is the quota limit in bytes.
## Command-line interface management and configuration (via `occ`)
Team folders can be configured and managed from the command-line interface (CLI). This is accomplished by using the `occ` command.
The `occ` command is utilized throughout Nextcloud for many operations and is not specific to Team folders. When the Team folders app is enabled, the `occ` command gains additional functionality specific to Team folders.
If you're unfamiliar with `occ` see [Using the occ command](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/occ_command.html) in the Nextcloud Server Administration Guide for general guidance.
### Commands Available
- `occ groupfolders:create <name>` → create a Team folder
- `occ groupfolders:delete <folder_id> [-f|--force]` → delete a Team folder and all its contents
- `occ groupfolders:expire` → trigger file version and trashbin expiration (see [Nextcloud docs for versioning](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/file_versioning.html) and [Nextcloud docs for the trash bin](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/trashbin_configuration.html) for details)
- `occ groupfolders:group <folder_id> <group_id> [-d|--delete] [write|share|delete]` → assign groups and their rights to a Team folder
- `occ groupfolders:list` → list configured Team folders
- `occ groupfolders:permissions` → configure advanced permissions (see below for details)
- `occ groupfolders:quota <folder_id> [<quota>|unlimited]` → set a quota for a Team folder
- `occ groupfolders:rename <folder_id> <name>` → rename a Team folder
- `occ groupfolders:scan <folder_id>` → trigger a filescan for a Team folder
- `occ groupfolders:trashbin:cleanup` → empty the trashbin of all Team folders
- `occ config:app:set groupfolders enable_encryption --value="true"` → activate encryption (server-side) support
### Configuring Advanced Permissions via `occ`
Advanced permissions can also be configured through the `occ groupfolders:permissions` command, but must be enabled first.
#### Enabling
Before configuring any advanced permissions you'll first have to enable advanced permissions for the folder using `occ groupfolders:permissions <folder_id> --enable`. To do this you'll first need to find the `folder_id` of the Team folder you're trying to configure. You can use `occ groupfolders:list` to find the `folder_id` of the target folder.
#### Using
Then you can list all configured permissions trough `occ groupfolders:permissions <folder_id>`.
```
occ groupfolders:permissions 1
+------------+--------------+-------------+
| Path | User/Group | Permissions |
+------------+--------------+-------------+
| folder | group: admin | +write |
| folder/sub | user: admin | +share |
| | user: test | -share |
+------------+--------------+-------------+
```
Permissions for files and folders can be set trough `occ groupfolders:permissions <folder_id> --group <group_id> <path> -- <permissions>` to set permissions for a group or `occ groupfolders:permissions <folder_id> --user <user_id> <path> -- <permissions>` to set permissions for a single user.
`<permissions>` can be one or more of the following options: `-read`, `+read`, `-write`, `+write`, `-create`, `+create`, `-delete`, `+delete`, `-share` or `+share` to set the set the respective permission to "deny" or "allow".
You can delete a rule by passing `clear` as the `<permissions>` field.
Note: An advanced permission settings set always needs to be complete (for example `+read -create +delete`) and not just incremental (for example `-create`).
Not mentioned options (in the above example that's _write_ and _share_) are interpreted as _inherited_.
To help with configuring nested permission rules, you can check the effective permissions a user has for a path using `occ groupfolders:permissions <folder_id> --user <user_id> <path> --test`.
To manage the users or groups entitled to set advanced permissions, use `occ groupfolders:permissions <folder_id> [[-m|--manage-add] | [-r|--manage-remove]] [[-u|--user <user_id>] | [-g|--group <group_id>]]`.
#### Disabling
To disable the advanced permissions feature for a Team folder, use `occ groupfolders:permissions <folder_id> --disable`.
## APIs
### REST API
See the [OpenAPI specification](openapi.json) to learn about all available API endpoints: https://petstore.swagger.io/?url=https://raw.githubusercontent.com/nextcloud/groupfolders/master/openapi.json
### WebDAV API
Team folders are also exposed through a separate [WebDAV API](https://docs.nextcloud.com/server/latest/user_manual/en/files/access_webdav.html) at `/remote.php/dav/groupfolders/<user id>`.
In addition to browsing the contents of the Team folders, you can also request the mount point for the Team folder by requesting the `{http://nextcloud.org/ns}mount-point` property.
", Assign "at most 3 tags" to the expected json: {"id":"6902","tags":[]} "only from the tags list I provide: [{"id":77,"name":"3d"},{"id":89,"name":"agent"},{"id":17,"name":"ai"},{"id":54,"name":"algorithm"},{"id":24,"name":"api"},{"id":44,"name":"authentication"},{"id":3,"name":"aws"},{"id":27,"name":"backend"},{"id":60,"name":"benchmark"},{"id":72,"name":"best-practices"},{"id":39,"name":"bitcoin"},{"id":37,"name":"blockchain"},{"id":1,"name":"blog"},{"id":45,"name":"bundler"},{"id":58,"name":"cache"},{"id":21,"name":"chat"},{"id":49,"name":"cicd"},{"id":4,"name":"cli"},{"id":64,"name":"cloud-native"},{"id":48,"name":"cms"},{"id":61,"name":"compiler"},{"id":68,"name":"containerization"},{"id":92,"name":"crm"},{"id":34,"name":"data"},{"id":47,"name":"database"},{"id":8,"name":"declarative-gui "},{"id":9,"name":"deploy-tool"},{"id":53,"name":"desktop-app"},{"id":6,"name":"dev-exp-lib"},{"id":59,"name":"dev-tool"},{"id":13,"name":"ecommerce"},{"id":26,"name":"editor"},{"id":66,"name":"emulator"},{"id":62,"name":"filesystem"},{"id":80,"name":"finance"},{"id":15,"name":"firmware"},{"id":73,"name":"for-fun"},{"id":2,"name":"framework"},{"id":11,"name":"frontend"},{"id":22,"name":"game"},{"id":81,"name":"game-engine "},{"id":23,"name":"graphql"},{"id":84,"name":"gui"},{"id":91,"name":"http"},{"id":5,"name":"http-client"},{"id":51,"name":"iac"},{"id":30,"name":"ide"},{"id":78,"name":"iot"},{"id":40,"name":"json"},{"id":83,"name":"julian"},{"id":38,"name":"k8s"},{"id":31,"name":"language"},{"id":10,"name":"learning-resource"},{"id":33,"name":"lib"},{"id":41,"name":"linter"},{"id":28,"name":"lms"},{"id":16,"name":"logging"},{"id":76,"name":"low-code"},{"id":90,"name":"message-queue"},{"id":42,"name":"mobile-app"},{"id":18,"name":"monitoring"},{"id":36,"name":"networking"},{"id":7,"name":"node-version"},{"id":55,"name":"nosql"},{"id":57,"name":"observability"},{"id":46,"name":"orm"},{"id":52,"name":"os"},{"id":14,"name":"parser"},{"id":74,"name":"react"},{"id":82,"name":"real-time"},{"id":56,"name":"robot"},{"id":65,"name":"runtime"},{"id":32,"name":"sdk"},{"id":71,"name":"search"},{"id":63,"name":"secrets"},{"id":25,"name":"security"},{"id":85,"name":"server"},{"id":86,"name":"serverless"},{"id":70,"name":"storage"},{"id":75,"name":"system-design"},{"id":79,"name":"terminal"},{"id":29,"name":"testing"},{"id":12,"name":"ui"},{"id":50,"name":"ux"},{"id":88,"name":"video"},{"id":20,"name":"web-app"},{"id":35,"name":"web-server"},{"id":43,"name":"webassembly"},{"id":69,"name":"workflow"},{"id":87,"name":"yaml"}]" returns me the "expected json"