Implementation of OpenID Connect Permissions in Pydio Cells

This technical report outlines the implementation of a complex OpenID Connect directory permission model within Pydio Cells for the client, Dekra, a provider of inspection and certification services. The document details the challenges faced in managing access to a large number of folders with role-based permissions. It describes the process of decoding entitlements from the client directory to create authorized paths for user access. The implementation involved using scripting capabilities to read user roles and apply transformations to manage permissions dynamically. Additionally, the report explains the creation of on-the-fly security policies to filter content in a shared workspace, allowing for centralized permission management. The impact of this implementation is highlighted, noting that it enhances customer service and productivity by streamlining workflows and integrating Pydio Cells into core operations. The report emphasizes the importance of secure document sharing and collaboration within enterprises.