Jetzt verfügbar:  Berichte für DRACOONMehr Infos

Emulation of data room copy operation

Kommentare

7 Kommentare

  • Avatar
    Michael Netter

    Hi Nick,

    concerning your questions:

    1) I think you are referring to POST /nodes/{node_id}/copy_to. "Nodes must be in the same source parent" means that all ids that are provided in the items array must be in the same room (but might be in different folders). Example 1: Assume the following structure: /roomA/folderA/file1.txt and /roomA/folderB/file2.txt. Then you can copy both files using the ids of these files. Example 2: Assume the following structure: /roomA/file1.txt and /roomB/file2.txt. then you cannot copy both files with one API call because they are in different rooms. To copy both files, you have to make two API calls.

    2) Unfortunately, you cannot copy files from unencrypted rooms to encrypted rooms. You also cannot copy from encrypted rooms to unencryped rooms. What works is copying files from one encrypted room to another encrypted room and copying from one unencrypted room to another unencrypted room.

    Hope this helps.

    Best regards,

    Michael

    0
    Aktionen für Kommentare Permalink
  • Avatar
    Nick Horatiu

    Hello Michael,

    Thanks for your reply :)  This clears out the questions I had. In addition to those 2 questions I was wondering whether:

    1. Do files and folders, when copied, retain permissions and ownership? So if I copy some files and folders from roomA to roomB, will copied files in roomB have the same permissions and will the be owned by the same users as original ones or will they be owned by account that issues the copy operation?

    2. When creating a dataroom one can specify admin ids in the call and will effectively assign room ownership. For an existing dataroom is there a call to update list of owners and add a new one? Is it the PUT call to "/v4/nodes/rooms/{room_id}/users"

    3. In the PUT call mentioned in 2 does the "id" field in the JSON array correspond to a user ID? 

    4. In the JSON sent to the PUT call mentined above does the "manage" field indicate whether someone is room admin / owner? Is there a difference between owner and admin? 

    Thanks,
    Nick.

    0
    Aktionen für Kommentare Permalink
  • Avatar
    Michael Netter

    Hi Nick,

    glad I could help. Regarding your other questions:

    1) Permissions are set on room level, i.e. permissions of that room apply to all files therein. If UserB copies file1 (created by UserA) from roomA to roomB, the permissions of roomB apply to the copied file. For copied files, the value of the createdBy is set to UserB.

    2) Yes, you can change the users of a room by calling PUT /nodes/rooms/{room_id}/users

    3) Yes, these ids are user Ids

    4) Yes, the Swagger documentation (in the body section you can click on Model and then expand the items array) states: "mange: User / Group may grant all of the above permissions to other users and groups independently, may update room metadata and create / update / delete subordinary rooms, has all permissions." There is no such concept as an owner, only one person that has created the room in the first place (see field createdBy). 

    Best regards,

    Michael

    0
    Aktionen für Kommentare Permalink
  • Avatar
    Nick Horatiu

    Hello Michael,

    Thanks for further details. 

    One thing I was also wondering in the context of emulating this operation is how room permissions are applied to subrooms. My guess is that this will mimic Access Control Systems in traditional OSes but I want to make sure my assumption is correct. 

    1. For example if we have a hierarchy /roomA/roomB/roomC and there is a set of users defined on roomA - u1, u2, u3 with full read, write permissions, would it be reasonable to say that these permissions extend to any subrooms so also to roomB or roomC?

    2. In the same example, would it be possible to further restrict what u2 can do on roomB or roomC? Could we specify that while u2 has RW on roomA, they can only do R on room B?

    3. Is it possible that u3 has no access (i.e. so not even read) on roomC? 

    Thanks again,
    Nick. 

    0
    Aktionen für Kommentare Permalink
  • Avatar
    Michael Netter

    Hi Nick,

    1) When you create a new roomB, you can specify whether roomB should inherit the permissions from roomA or not. (POST /v4/nodes/rooms, field ist called inheritPermissions). If inheritance is enabled, u1,u2, and u3 have the same permissions on roomB which they have on roomA. The same applies for creating roomC.

    2) If you have inheritance enabled, unfortunately you cannot restrict what u2 can do in roomB or roomC. As a solution, you could disable inheritance, then "copy" the permissions from roomA to roomB (the API even provides a field for this under PUT /v4/nodes/rooms/{room_id}/config, field "takeOverPermissions") and finally restrict the permissions of u2.

    3) Yes, if you disable inheritance on roomB and roomC. As a consequence, you have to manually permissions to roomB and roomC.

    Best regards,

    Michael

    0
    Aktionen für Kommentare Permalink
  • Avatar
    Nick Horatiu

    Hello Michael,

    There is one more issue I am wrestling with in getting this feature completed, the issue of encrypted room. If I have an encrypted room, roomA that can be accessed by u1, u2 how do I:

    1. Enable encryption on a newly created room roomB

    2. Make sure users u1 and u2 will, in the future, have access to the files in that room

    I've since found out that room contents will not be copied so it's enough if I just set up encryption to be working on roomB without copying any of the content. 

    Thanks again,
    Nick.

    0
    Aktionen für Kommentare Permalink
  • Avatar
    Michael Netter

    Hi Nick,

    regarding your questions:

    1) You can encrypt a room using PUT /v4/nodes/rooms/{room_id}/encrypt. However, there are preconditions:

    • Encryption must be enabled globally (check GET /v4/config/info/general (field cryptoEnabled),
    • The room must be empty
    • Only top level rooms may be encrypted/rooms at lower levels may only be encrypted if all rooms at higher levels are also encrypted.

    2) To make sure that u1 and u2 have access you need to make sure that:

    Best regards,

    Michael

    0
    Aktionen für Kommentare Permalink

Bitte melden Sie sich an, um einen Kommentar zu hinterlassen.