Roles and Permissions Support

    In version 6.0, we support 10 permissions, more permissions will be added later.

    In version 6.1, we added a new permission which can be used to set quota for a certain role of users. For example, we can set the quota of employee to 100G by adding 'role_quota': '100g', and leave other role of users to the default quota.

    Seafile comes with two build-in roles default and guest, a default user is a normal user with permissions as followings:

    1.     'guest': {
    2.         'can_add_repo': False,
    3.         'can_add_group': False,
    4.         'can_view_org': False,
    5.         'can_use_global_address_book': False,
    6.         'can_generate_share_link': False,
    7.         'can_generate_upload_link': False,
    8.         'can_invite_guest': False,
    9.         'can_connect_with_android_clients': False,
    10.         'can_connect_with_ios_clients': False,
    11.         'can_connect_with_desktop_clients': False,
    12.         'role_quota': '',
    13.     },

    If you want to edit the permissions of build-in roles, e.g. default users can invite guest, guest users can view repos in organization, you can add following lines to seahub_settings.py with corresponding permissions set to True.

    An user who has can_invite_guest permission can invite people outside of the organization as guest.

    In order to use this feature, in addition to granting can_invite_guest permission to the user, add the following line to seahub_settings.py,

    Users can invite a guest user by providing his/her email address, system will email the invite link to the user.

    Tip: If you want to block certain email addresses for the invitation, you can define a blacklist, e.g.

    After that, email address “a@a.com”, any email address ends with “-a-a.com” and any email address ends with “@foo.com” or “.com” will not be allowed.

    Add custom roles

    1. ENABLED_ROLE_PERMISSIONS = {
    2.         'can_add_repo': True,
    3.         'can_add_group': True,
    4.         'can_view_org': True,
    5.         'can_use_global_address_book': True,
    6.         'can_generate_share_link': True,
    7.         'can_generate_upload_link': True,
    8.         'can_invite_guest': False,
    9.         'can_connect_with_android_clients': True,
    10.         'can_connect_with_ios_clients': True,
    11.         'can_connect_with_desktop_clients': True,
    12.         'role_quota': '',
    13.     },
    14.     'guest': {
    15.         'can_add_repo': False,
    16.         'can_add_group': False,
    17.         'can_view_org': False,
    19.         'can_generate_share_link': False,
    20.         'can_invite_guest': False,
    21.         'can_connect_with_android_clients': False,
    22.         'can_connect_with_ios_clients': False,
    23.         'can_connect_with_desktop_clients': False,
    24.         'role_quota': '',
    25.     },
    26.     'employee': {
    27.         'can_add_repo': True,
    28.         'can_add_group': True,
    29.         'can_view_org': True,
    30.         'can_use_global_address_book': True,
    31.         'can_generate_share_link': True,
    32.         'can_generate_upload_link': True,
    33.         'can_invite_guest': True,
    34.         'can_connect_with_android_clients': True,
    35.         'can_connect_with_ios_clients': True,
    36.         'can_connect_with_desktop_clients': True,
    37.         'role_quota': '',