File Manager Module: Permitted files within folders are not shown

Nimrod · March 18, 2016, 1:25pm

Hi guys…

Not sure if this feature is already available or not yet, but I can’t seem to get it to work.

In the File Manager module, I have folders and within those folders I have files and subfolders. I want to give certain user roles the permission to read certain folders only, not to all records of “File” DocType.

The closest I’ve achieved is “sharing” each individual file in the folders that I want to give users access to. But the problem is if the file is within a folder or subfolder, the intended users cannot see them when going to the File Manager module. They can only view the record if they have the direct URL of that record that is shared with them.

The permitted users should see in the File Manager module the folders that contain the files that they are permitted to access; even if they were not explicitly given permission to the folder itself.

Is this something doable right now?

Tropicalrambler · October 1, 2018, 4:04pm

@Nimrod, I just found your post until today, I am wondering the same thing. I wish to have certain folders “closed” by default only to me, and then choose the users that have permissions to the folder and any file within it (inherited). I seem to notice that everyone has access to File DocType, but you cannot somehow forbid this access.

I am also puzzled, because I am sure there is a solution to it.

Did you manage to resolve this issue?

dhananjay · October 2, 2018, 6:35am

@Tropicalrambler
I have been trying something similar with managing Projects. I would like only certain users to have access to attachments associated even within a Project.

Permission for the attachments are taken from the permission applied to the Doctype and the specific document. I am still experimenting with the following:

Only I have write access to a Project. While some users can have read access to Projects.

There are also Tasks associated with a. Project. Users are given write access based on the “Type” of task.
So a user who has access to a taks can upload, delete and modify the attachments related to the task.

There is still one limitation, I cannot make the “is Private” check box disable for all users, here is a github issue for the same. Please comment and upvote the issue if you find it relavant

joshr · September 7, 2021, 4:29pm

Resurrecting an old thread. Is this possible yet, either with File Manager or an existing integration. We have HR docs (pdfs) that get emailed to all new employees. Not everyone in the system needs to see these (they’re not sensitive, just noise for everyone else). Having folder-level permissions in File Manager seems useful.

dhananjay · September 13, 2021, 12:23pm

I have solved it by introducing a server script. The server script makes documents private irrespective of how the user intended them to be uploaded.

So only users having read access to the document have access to the files.

Hope this helps.

CA_B.C_Chechani · September 19, 2021, 3:43am

Are u open to share your server script . I appreciate it , if you can share or in private !

dhananjay · September 20, 2021, 5:33am

Really not much here -

if doc.attached_to_doctype not in [“Web Page”, “Blog”, “Help Article”, “Website Settings”, “Homepage”, “Homepage Section”,“Website Slideshow”,“Website Theme”, “User”, “Item”]:
doc.is_private = 1

CA_B.C_Chechani · September 20, 2021, 6:33pm

Thanks for sharing this script, will apply and let you know the feedback !

joshr · October 20, 2021, 9:53pm

On a related note, when you create a server script like this, how do you divine the api endpoint name (com.api.access-script) when you reference it from a client script?

dhananjay · August 27, 2022, 7:47am

This is not an API script, this is a script that is invoked at a particular Doctype event.