A couple of thoughts about user group "public"


so while playing with a public user account I noticed a couple of things:
The “Get” button now displays “Deleted”

I’d suggest it is hidden or disabled instead

A public user can change the password which could be problematic in some use cases (i.e. sharing the account with the general public).


Would you see this control being set at a file level - do not allow tagging of this file

Or at a user level - user “xyz@domain.com” cannot get or send files.

Or perhaps a group level. We create a “public” user that can access files but not change anything?



In this particular case, per user would make sense as I only have that one public user which should not be able to do anything but browser.

However, if I put a custom option into the “Get” button (the one that currently reads “Deleted”), such as “Go to my custom page” (your example from another thread), that should potentially be accessible. I’d imagine that would be set via the API, so it should enable the developer to expose any custom options to public users (via group or user level).

Generally it feels like it would be better to have permission groups such as “public”, “organisation”, custom ones etc, use them to assign to FCs, then users are only added to those groups. It feels like it would make the entire permission system a lot more flexible?!