Access Permissions

CloudFile handles permissions differently from other systems.

Normally, a parent directory with prohibited access also prevents me from accessing its subdirectories,
because by default permissions are evaluated from left to right.

Example
The path
/main/sub/directory/
will be checked like this:

  1. Do I have access to /? If not, deny access completely.
  2. Do I have access to /main? If not, deny access completely.
  3. Do I have access to /main/sub? If not, deny access completely.
  4. Do I have access to /main/sub/directory? If not, deny access completely.

If all of these are true, I can access this directory.

CloudFile reverses this processing: it checks the path from right to left.
So you can have access to files inside a subdirectory of a directory that you cannot access at all.
This makes it easier for you to configure permissions.

Example
The path
/main/sub/directory/
will be checked like this:

  1. Is there a permission configuration for /main/sub/directory/? If yes, apply the rule (deny or grant access).
  2. Is there a permission configuration for /main/sub/? If yes, apply the rule (deny or grant).
  3. Is there a permission configuration for /main/? If yes, apply the rule (deny or grant).
  4. Is there a permission configuration for /? If yes, apply the rule (deny or grant).

You may ask how you can access /main/sub if access to / is denied.
I solved this in such a way that you don't need to keep denied access in mind when you create configurations.

Example
If the filesystem looks like:

a
 ab
 ac
  acd
   acda
  ace
b
 ba

And you prohibit access to /a, allow access to /a/ac/ace and allow /b for the user,
then the user will see the following filesystem:

a
 ac
  acd
   acda
b
 ba

And no /a/ab or /a/ac/ace.
Also, the user won't see any content of the directories below /a/ac/ace.
The system manages the directories so that it is possible to navigate from the root to the directory the user can access.
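
The two evaluation orders for the /main/sub/directory/ path above, as an added sketch that is not CloudFile's own code. The rule table, the function names, the "nearest configured rule wins" reading of the right-to-left list and the deny default when no rule matches are assumptions.

```python
from posixpath import normpath

# Constructed rule table (an assumption, not CloudFile's format): path -> grant?
RULES = {"/": False, "/main/sub/directory": True}

def canon(path):
    # Normalise first so "a/../b" cannot borrow a grant from a sibling path.
    return normpath("/" + path.strip("/"))

def ancestors(path):
    """Yield the path, then each parent up to "/": the right-to-left order."""
    path = canon(path)
    while True:
        yield path
        if path == "/":
            return
        path = path.rsplit("/", 1)[0] or "/"

def right_to_left(path, rules):
    """The nearest configured rule decides. Assumed default with no rule: deny."""
    for p in ancestors(path):
        if p in rules:
            return rules[p]
    return False

def left_to_right(path, rules):
    """Conventional model for contrast: an explicit deny on any parent blocks all."""
    return not any(rules.get(p) is False for p in ancestors(path))

def navigable(path, rules):
    """A denied directory stays traversable when a granted path lies below it."""
    if right_to_left(path, rules):
        return True
    prefix = canon(path).rstrip("/") + "/"
    return any(grant and r.startswith(prefix) for r, grant in rules.items())

if __name__ == "__main__":
    for p in ("/", "/main", "/main/sub", "/main/sub/directory/", "/main/other",
              "/main/sub/directory/../../secret"):
        print(f"{p:34} access={right_to_left(p, RULES)!s:5} "
              f"navigable={navigable(p, RULES)!s:5} "
              f"left_to_right={left_to_right(p, RULES)}")
```

With right-to-left evaluation a deny on a parent no longer protects what lies below it, so every grant on a deeper path should be reviewed as an explicit exception.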