Flow denial on uploading private files prevents NC Talk Folder access/creation #206
Description
Steps to reproduce
- Creating flow rule with following filters: "Tag - not tagged by - TAGNAME" && "User Group is not ADMIN"
- Installing nextcloud Talk App
- Create new user
Expected behaviour
User is able to login and is able to use Nextcloud Talk
Actual behaviour
On first login User is getting an internal server error, log shows that the flow rule denies creation of "Talk" folder in user directory.
pre-creating the folder "Talk" by skeleton directory ist working to create the folder and let's the user log in, but the user has no access on the "Talk" folder because of the flow restrictions.
I haven't found any way to exclude the folder from the rule, so the user can use NC Talk.
Users should not be able to upload files to their own NC (Home) folder, but they should be able to work in shared folders and should be able to use NC Talk.
Server configuration
Operating system: Debian 9
Web server: nginx
Database: mariadb 15.1
PHP version: 7.4
Nextcloud version: 21 & 22
Where did you install Nextcloud from: .zip-package from nextcloud.com
Signing status:
No errors have been found.
List of activated apps:
Enabled:
- accessibility: 1.7.0
- activity: 2.15.0
- bruteforcesettings: 2.2.0
- circles: 22.0.0
- cloud_federation_api: 1.4.0
- comments: 1.11.0
- contactsinteraction: 1.2.0
- dashboard: 7.1.0
- dav: 1.18.0
- federatedfilesharing: 1.11.0
- federation: 1.11.0
- files: 1.16.0
- files_accesscontrol: 1.12.0
- files_automatedtagging: 1.12.0
- files_pdfviewer: 2.3.0
- files_rightclick: 1.1.0
- files_sharing: 1.13.2
- files_trashbin: 1.11.0
- files_versions: 1.14.0
- files_videoplayer: 1.11.0
- firstrunwizard: 2.11.0
- logreader: 2.7.0
- lookup_server_connector: 1.9.0
- nextcloud_announcements: 1.11.0
- notifications: 2.10.1
- oauth2: 1.9.0
- onlyoffice: 7.0.4
- password_policy: 1.12.0
- photos: 1.4.0
- privacy: 1.6.0
- provisioning_api: 1.11.0
- recommendations: 1.1.0
- serverinfo: 1.12.0
- settings: 1.3.0
- sharebymail: 1.11.0
- spreed: 12.0.1
- support: 1.5.0
- survey_client: 1.10.0
- systemtags: 1.11.0
- text: 3.3.0
- theming: 1.12.0
- twofactor_backupcodes: 1.10.1
- updatenotification: 1.11.0
- user_status: 1.1.1
- viewer: 1.6.0
- weather_status: 1.1.0
- workflowengine: 2.3.0
Disabled:
- admin_audit
- audioplayer
- encryption
- files_external
- user_ldap
Nextcloud configuration:
{
"system": {
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"cloud.CUSTOMERDOMAIN.de"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"dbtype": "mysql",
"version": "22.0.0.11",
"overwrite.cli.url": "http:\/\/cloud.CUSTOMERDOMAIN.de",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"loglevel": 1,
"default_language": "de_DE",
"default_locale": "de_DE",
"sharing.interal_shares_accepted": true,
"memcache.local": "\\OC\\Memcache\\APCu",
"filelocking.enabled": true,
"memcache.distributed": "\\OC\\Memcache\\Redis",
"memcache.locking": "\\OC\\Memcache\\Redis",
"skeletondirectory": "\/var\/www\/clients\/client5\/web12\/web\/keinedaten",
"redis": {
"host": "***REMOVED SENSITIVE VALUE***",
"port": 6379,
"dbindex": 5,
"timeout": 0,
"password": "***REMOVED SENSITIVE VALUE***"
},
"theme": "",
"maintenance": false,
"defaultapp": "files",
"mail_smtpmode": "smtp",
"mail_smtpsecure": "ssl",
"mail_sendmailmode": "smtp",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"mail_smtpauthtype": "LOGIN",
"mail_smtpauth": 1,
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "465",
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"app_install_overwrite": [
"email_template_CUSTOMER"
],
"updater.release.channel": "stable"
}
}
Are you using external storage, if yes which one: no
Are you using encryption: no
Are you using an external user-backend, if yes which one: no
Client configuration
Browser: Chrome/Firefox/Edge
Operating system: Win10
Activity