Skip to main content

Users & Groups

Sync-in offers fine-grained control over users, their roles, and the groups they belong to.
Permissions are built at multiple levels: individual, inherited through user groups, or delegated in specific cases.

This architecture allows for a combination of centralized administrative control (user groups) and collaborative flexibility (personal groups), while ensuring security and access traceability.

πŸ‘€ Users​

Users are the regular members of the platform.

  • βœ… Individual or inherited permissions: each user can receive permissions directly or inherit them through user groups.
  • πŸ”‘ Administrator role: some users may be granted administrator privileges.
  • πŸ‘₯ Multi-group membership: a user can belong to several groups at the same time.
info

Users can view the groups they belong to or manage from their User Account.

πŸ‘₯ Guests​

Guests are limited-rights users, typically used for external or temporary collaborations.

  • βœ… Created by users with the guest administration permission.
  • πŸ”’ No personal space or sharing capabilities, with limited access rights.
  • πŸ“ Can access specific spaces or shared folders.
  • 🌐 Have access via WebDAV.
  • πŸ‘₯ Can join personal groups, but not user groups.
  • πŸ‘€ Must have at least one manager.
  • ✏️ Their managers can edit their information or remove them.
info

Guests have no visibility over the groups they belong to.

πŸ§‘β€πŸ« User Groups​

User groups are used to structure permissions within the organization.
They are administrative groups that can represent teams, entities, departments, or roles in the company.

  • πŸ” Managed only by administrators.
  • βš™οΈ Can hold permissions on applications.
  • 🧱 Flexible structure: user groups can be organized either flat or nested
    (a group can contain other groups), allowing an accurate reflection of your organization’s hierarchy or roles.
info

In a nested group structure, permissions are not automatically passed down to child groups.
Each group manages its own permissions independently.

Managers​

User group managers are designated by administrators:

  • βž• Can add or remove members from the group.
  • 🚫 Cannot appoint other managers, nor remove their own management rights.
  • πŸ‘οΈ Do not have any access or visibility over potential child groups.

πŸ‘¨β€πŸ‘©β€πŸ‘§β€πŸ‘¦ Personal Groups​

Personal groups are designed to support collaboration without impacting application-level permissions.
Used to organize spaces or shares, they are strictly private and managed by end users.

  • βœ… Creation restricted to users with the personal group administration permission.
  • 🧩 No permissions can be granted via these groups.
  • πŸšͺ Members can leave the group at any time.
  • πŸ‘€ Each group must have at least one manager.
  • 🧱 Flat structure: groups are independent, with no support for nesting or subgroups.

Managers​

Personal group managers are designated by users with the personal group administration permission.
They can perform the following actions:

  • βž• Add users or guests.
  • πŸ“ Rename the group, manage members and managers.
  • ❌ Delete the group, if necessary.