Operating with multiple users

[totti4ever]

• What do you mean with "user's accessing several collections"?
  Originally posted by @eikek in Help with migrating from paperless #270 (comment)

Coming from your question, I thought we could discuss this with everybody interested in a separate topic.

---

So what I'm thinking of is serving my core family: Wife, kids (until they are old enough to do their own thing)

Are we meant to use ONE collective with folders like Wife, me, _kids, common and MULTIPLE collectives are meant for bigger purposes, like hosting the documents for my parents?

[eikek]

Yes, exactly.

My intentions was to have 1) a way to completely separate things – if you would host docspell for multiple people, they are "collectives" and 2) within a collective, you can have multiple users accessing the files.

The family was exactly what I had in mind. We have so much things that my wife and I must be aware of. It's not just "my" documents, but often time things regarding kids or house/flat, bills etc that affects all of us. But we still have, for example, different mail accounts and preferences on how to use the app. I also think this applies to small organizations: the folder feature is for things that require a little bit of moving documents around within a set of trusted users. So for example, there is a folder named after users where only they have access to. This may be useful to get documents out of the way of others and to "hide" bills for birthday prestents etc. Or it may be used to "assign" things to people, so for example "can you please take care of this". It could be used to create groups, too. One has to come up with some process of its own taste of course, it's not fixed or provided.

Laaaaater :), I imagine to be able to "send" documents/items to other collectives. But this would involve creating a copy, because collectives are never meant to share items. Then multiple docspell instances could collaborate for example. So you can send an item to a collective by uploading it to an url; the app can detect whether this url means itself and implement this case efficiently in contrast to a remote url.

[eikek]

I'm closing this, as it seems there is no action left. But of course, always feel free to reopen if there is something to do or not clear etc!

[eresturo]

So I can still view files from folders I don't belong to if I know the link? Shouldn't this be forbidden? Does hidden only mean that it is no longer visible in the GUI? Can you still find the hidden documents via API?

[eikek]

So I can still view files from folders I don't belong to if I know the link?

Yes, if you know the link (the cryptic id) then you can still see it.

Shouldn't this be forbidden?

I choose to not forbid it. Conceptionally, a collective is a group of users that trust each other in some way. This "hiding" feature is only meant to move documents out of the way from others (e.g. when implementing some workflow) or to maybe hide bills for birthday presents etc. If you really don't want files to be seen by other users, you would need to create a separate collective. Colllectives are always meant to have strictly separate files. Docspell doesn't implement access control on documents.

Can you still find the hidden documents via API?

No, this is not possible. Hidden documents won't show up from search (or it is a bug). It helps a little when using source-urls to automatically assign a folder. This way documents are not discoverable by other users.

[eresturo]

Okay, got it. Thanks for the explanations. However, I see no advantages in the concept of collectives in general. It is quite confusing what users, collectives and folders are. I don't understand why you can't just have users who can share items with each other.

[eikek]

That's interesting! My wanted features were: 1. have separate sets of documents, and 2. have documents that all of my family can access. Then the address-book should be maintained by all of us, too. If there were only users, I would either need to "share" every document with everyone or, if that's the default, having strictly separated documents is difficult?

With the collectives it is possible to have separated accounts with separate files and address book, and in one account multiple users can work on the same documents having different settings (mail settings, ui settings…). How can this work with only users? Then I wouldn't know where to put the address book, it should be shared, too.

If I could go back, I would maybe use users + groups. But this complicates other things … I haven't finished this thought.

Well, I agree, that it is confusing… it's not easy to explain. I'm missing better ideas and/or terminology.

[eresturo]

First of all I want to say that it is of course your decision how you design your great software and if it is worth to change something here 😄

👍 for the idea of Users and groups. This concept is well known in many different software.
If you upload a document, you could decide if it's a personal document or a document of a group. You could setup sources to upload into a specific target.
Each user in a group could have different roles (group admin, write access, read access).
Settings could be split in user settings (mail, ui, ...) and group settings (default doc language for example).
Each entry in your address book could be only personal or a group item.

[eikek]

First of all I want to say that it is of course your decision how you design your great software and if it is worth to change something here

Yes… I know :-) I hope I didn't sound jerky with all my questions, I really apologize then! I appreciate all your input a lot! It's always important to look at things from different perspectives, just difficult at times when alone :-)

+1 for the idea of Users and groups. This concept is well known in many different software.

Yes, this is true and I can't believe that it didn't came to my mind in the early days.

If you upload a document, you could decide if it's a personal document or a document of a group. You could setup sources to upload into a specific target.
Each user in a group could have different roles (group admin, write access, read access).
Settings could be split in user settings (mail, ui, ...) and group settings (default doc language for example).
Each entry in your address book could be only personal or a group item.

Yeah, it really sounds like it could work. And I also like it a lot. It's only that it requires a lot of work…. It just came to my mind, that this idea was brought up early, almost exactly a year ago: #21 (comment)

I think it would be possible to have groups like github has organizations. Then address books and documents belong to groups (just like to a collective today). A user logs in and can then switch the group via a dropdown or something. A personal group (e.g. same name as username) could be created automatically for a private space. Upload urls could stay on the group (for a first try anyways). Fulltext search can be confined to a group, like it is today…. A little inconvenient is that I must switch groups in order to search my own documents which also affects the basic stats. Hm. We can create an issue to see how interest is and to sketch some ideas, if you like.

[fabiosoft]

The users of the application are part of a collective. A collective is a group of users that share access to the same items. The account name is therefore comprised of a collective name and a user name.
All users of a collective are equal; they have same permissions to access all items. The items don't belong to a user, but to the collective.
That means, to identify yourself when signing in, you have to give the collective name and your user name.

Finally i got it!
I think this is the best explaination for user/collective difference.

Maybe i short sentence should be included in readme.
source

[eikek]

Hi @fabiosoft - glad you found it. The thing is that I don't have a clear and short sentence :). The readme contains a link to the page, just not directly to the section. But thought it would be good to find, there is a navigation item on the left as well. I don't want to put too much stuff in the readme - it's one more place to get out of sync too easily.