Grant admin user the right to SEE shares created by other users


#1

Steps to reproduce

  1. User A sets up a share for a folder. The share panel shows the list of shares created by user A.
  2. User B logs in and accesses the shares for the folder. There are no shares visible for user B.

Expected behaviour

If user B has access to the folder, they should see all instances of sharing for that folder. No?

For an admin user, they should see all shares for all folders.

Actual behaviour

Admin user does not see shares for folders they have access to.

Server configuration

Operating system:

Ubuntu 14

Web server:

Apache

Database:

MySQL

PHP version:

PHP 7.0.21-1~ubuntu14.04.1+deb.sury.org+1

ownCloud version: (see ownCloud admin page)

10.0.4

Updated from an older ownCloud or fresh install:

n/a

Where did you install ownCloud from:

Signing status (ownCloud 9.0 and above):

No errors have been found.

Login as admin user into your ownCloud and access 
http://example.com/index.php/settings/integrity/failed 
paste the results into https://gist.github.com/ and puth the link here.

The content of config/config.php:

n/a

List of activated apps:

If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your ownCloud installation folder.

Enabled:

  • activity: 2.3.6
  • audioplayer: 2.2.4
  • checksum: 0.3.5
  • comments: 0.3.0
  • configreport: 0.1.1
  • customgroups: 0.3.6
  • dav: 0.3.2
  • diagnostics: 0.1.2
  • external: true
  • federatedfilesharing: 0.3.1
  • files: 1.5.1
  • files_clipboard: 0.7.1
  • files_external: 0.7.1
  • files_external_ftp: 0.2.0
  • files_pdfviewer: 0.8.2
  • files_sharing: 0.10.1
  • files_texteditor: 2.2.1
  • files_trashbin: 0.9.1
  • files_versions: 1.3.0
  • files_videoplayer: 0.9.8
  • gallery: 16.0.2
  • impersonate: 0.2.0
  • market: 0.2.4
  • notifications: 0.3.2
  • onlyoffice: 1.3.0
  • piwik: 0.3.2
  • systemtags: 0.3.0
  • templateeditor: 0.3
  • user_ldap: 0.10.0
    Disabled:
  • encryption
  • federation
  • firstrunwizard
  • provisioning_api
  • theme-example
  • updatenotification
  • user_external

Are you using external storage, if yes which one: local/smb/sftp/…

local - multiple

Are you using encryption: yes/no

no

Are you using an external user-backend, if yes which one:

LDAP

LDAP configuration (delete this part if not used)

Security risk. Will share privately if needed.

Client configuration

Browser:

chrome

Operating system:

ubuntu


#2

We might need more information…

An admin, as admin role, doesn’t need to know about any available share. The files are in each private space, and each user can share them however they want. This is intended, so unless you convince ownCloud that such feature is useful (sell your idea to ownCloud!), I doubt it will be implemented.
You can also create your own ownCloud app to provide such functionality.

Now, for the sharing case, if user A shares a folder with user B, user B just have access to that folder. It doesn’t need to know about any other shares that could be in or out the shared folder, or who has access to the directory. Basically, user B has been granted access to that directory.


#3

Yes. Couple of additions.
If User B would be a co-owner (doesn’t exist today) he should also see - backlog item.
If it is shared to a group where user B is part of, user B will see with which group it is shared and can act accordingly.