Skip to content
osvauld

Folder Concept

In our system, a folder is a collection of credentials. It is used to organize and manage access to related credentials. The folder metadata and access information are stored in the folder and folder_access tables, while the actual credentials are stored separately. There are two types of folder private and shared. Shared folders by default will be shared with super admin to prevent data loss.

Folder Table

The folder table stores the metadata for each folder. The relevant columns in the folder table are:

  • pk: The primary key of the folder, uniquely identifying each folder.
  • name: The name of the folder.
  • created_by: A foreign key referencing the user who created the folder.

Folder Access Table

The folder_access table manages the access permissions for folders. The relevant columns in the folder_access table are:

  • pk: The primary key of the folder access entry.
  • folder_id: A foreign key referencing the pk of the corresponding folder.
  • user_id: A foreign key referencing the user who has been granted access to the folder.
  • access_type: The type of access the user has to the folder (e.g., “manager”, “read”).
  • group_id: A foreign key referencing the group that has been granted access to the folder if any.

Credential Sharing

When a folder is shared with other users or groups, all the credentials within that folder are automatically shared with those users or group members. The access type defined in the folder_access table is inherited by the credentials within the folder.

The credentials table stores the actual credential information. The relevant columns in the credentials table are:

  • pk: The primary key of the credential.
  • name: The name of the credential.
  • description: A description of the credential.
  • folder_id: A foreign key referencing the pk of the folder to which the credential belongs.

Note:When a new credential is added to a folder, it automatically inherits the access permissions of the folder and is shared with all users or groups who have been granted access to the folder.

Folder Sharing with Groups

When a folder is shared with a group, all members of the group inherit the access type defined for the folder in the folder_access table. An entry is added to the folder_access table for each member of the group, granting them access to the folder and its credentials.

Creating a Folder

When a new folder is created, the following steps occur:

  1. A new entry is inserted into the folder table with the provided metadata, such as the folder name and the user who created it.
  2. An entry is added to the folder_access table, granting the creator of the folder an access type of “manager”.

Sharing a Folder

When a folder is shared with other users or groups, the following steps occur:

  1. For each user or group member that the folder is shared with, a new entry is added to the folder_access table.
  2. The folder_id column in the folder_access table is set to the pk of the shared folder.
  3. The user_id column in the folder_access table is set to the pk of the user or group member being granted access.
  4. The access_type column in the folder_access table is set to the appropriate access level (e.g., “read”, “write”).

By organizing credentials into folders and managing access through the folder_access table, our system provides a flexible and efficient way to control access to related credentials and share them with users and groups as needed.