
[feature/disable-fileprovider] Disable access to File Provider via MDM

Open felix-schwarz opened this issue 3 years ago • 1 comments

Description

Adds a new MDM option fileprovider.browseable that:

  • brings up an error message when entering the File Provider in the Files.app
  • brings up an error when trying to save a file via the "Save to Files" iOS share action
  • brings up an error when trying to create a folder via the "Save to Files" iOS share action

Usage

Add this option to the Branding.plist or via MDM:

<key>fileprovider.browseable</key>
<false/>

Related Issue

https://github.com/owncloud/enterprise/issues/5371

Screenshots (if appropriate):

[Three simulator screenshots (iPhone SE, 3rd generation, 2022-09-25): Files.app; Import via "Save to files"; Create folder via "Save to files"]

Types of changes

  • [ ] Bug fix (non-breaking change which fixes an issue)
  • [x] New feature (non-breaking change which adds functionality)
  • [ ] Breaking change (fix or feature that would cause existing functionality to change)

felix-schwarz avatar Sep 25 '22 10:09 felix-schwarz

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 3 committers have signed the CLA.

✅ hosy
❌ Matthias Hühne
❌ felix-schwarz


Matthias Hühne seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.

CLAassistant avatar Sep 25 '22 10:09 CLAassistant

QA checks:

  1. fileprovider.browseable = false
     • [x] Open Files App without passcode -> Not allowed
     • [x] Open Files App with passcode -> Not allowed
     • [x] Save file to Files App -> Not allowed
     • [x] Create folder via "Save files" -> Not allowed
     • [X] "Save files" with multiaccount -> Not allowed
     • [x] UI -> new view correct with all themes
  2. fileprovider.browseable = true
     • [x] Open Files App without passcode -> Allowed
     • [x] Open Files App with passcode -> Allowed
     • [x] Save file to Files App -> Allowed
     • [x] Create folder via "Save files" -> Allowed
  3. No fileprovider.browseable in Branding.plist
     • [X] Open Files App without passcode -> Allowed
     • [X] Open Files App with passcode -> Allowed
     • [X] Save file to Files App -> Allowed
     • [X] Create folder via "Save files" -> Allowed

iPhoneXR iOS15, iPhone13 iOS16

jesmrec avatar Sep 27 '22 06:09 jesmrec
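
An added example, not code from the ownCloud project or from the participants in this thread: a Python audit that classifies a Branding.plist or MDM payload according to the outcomes in the QA matrix above (false blocks access; true or an absent key allows it). The sample payloads, the `example.other` key, and the choice to report non-boolean values and near-miss key names as "review" are assumptions of this example.

```python
import difflib
import plistlib

KEY = "fileprovider.browseable"  # option name from the PR description


def audit_file_provider(plist_bytes):
    """Classify one payload as blocked, allowed, review or invalid."""
    try:
        cfg = plistlib.loads(plist_bytes)
    except Exception as exc:  # malformed XML or unrecognised plist format
        return "invalid", f"cannot parse plist: {exc}"
    if not isinstance(cfg, dict):
        return "invalid", "top-level object is not a dictionary"

    if KEY in cfg:
        value = cfg[KEY]
        # Identity checks, so <integer>0</integer> is not mistaken for <false/>.
        if value is False:
            return "blocked", "File Provider access disabled"
        if value is True:
            return "allowed", "File Provider access explicitly enabled"
        # Assumption: the page does not say how a non-boolean value is treated.
        return "review", f"value is {type(value).__name__}, expected a boolean"

    # Key absent: the QA matrix shows access stays allowed. Heuristic: flag a
    # misspelled key that an admin may believe is enforcing the restriction.
    for name in cfg:
        ratio = difflib.SequenceMatcher(None, str(name).lower(), KEY).ratio()
        if ratio >= 0.85:
            return "review", f"key absent, but {name!r} looks like a misspelling"
    return "allowed", "key absent, default applies"


def _plist(body):
    """Wrap a constructed <dict> body in a minimal XML plist."""
    return b'<plist version="1.0"><dict>' + body + b"</dict></plist>"


# Constructed sample payloads, not taken from a real deployment.
SAMPLES = {
    "restricted": _plist(b"<key>fileprovider.browseable</key><false/>"),
    "explicit-true": _plist(b"<key>fileprovider.browseable</key><true/>"),
    "unset": _plist(b"<key>example.other</key><true/>"),
    "string-false": _plist(b"<key>fileprovider.browseable</key><string>false</string>"),
    "typo": _plist(b"<key>fileprovider.browsable</key><false/>"),
}

if __name__ == "__main__":
    for label, payload in SAMPLES.items():
        print(label, *audit_file_provider(payload))
```
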

Just a comment: when the branding option is false and Files App is opened, the authentication view (to trigger the passcode/biometrical) is shown before the warning of Files App disabled, no matter if the unlocking methods are enabled or disabled in the app. With steps:

  1. Set fileprovider.browseable = false
  2. In app, disable passcode / biometrical
  3. Open Files App

Current: Authentication view, before the warning.

This is not a bad behaviour or blocker at all. Just to confirm this is expected.

jesmrec avatar Sep 27 '22 08:09 jesmrec

@jesmrec If you open the Files app and it is already "open" in the ownCloud File Provider, that is the expected behaviour.

But if you pick "ownCloud" from the list of available file providers (next to "iCloud Drive", "My device", etc.) in the Files app, the UI with the error message should pop up right away.

felix-schwarz avatar Sep 27 '22 08:09 felix-schwarz

> But if you pick "ownCloud" from the list of available file providers (next to "iCloud Drive", "My device", etc.) in the Files app, the UI with the error message should pop up right away.

Right, if you cancel the error message view, the "authentication required" is there again to be clicked.

So, the "authentication required" view in this context is kind of mandatory somehow, no matter if locking is enabled or not (its regular use). As commented, this is OK anyway for me. Main requirement (preventing use of Files App) is fulfilled with no bad behaviours.

jesmrec avatar Sep 27 '22 08:09 jesmrec

Merged into #1162. No longer destined to be merged in 11.x outside of special builds.

felix-schwarz avatar Oct 11 '22 20:10 felix-schwarz