Summary
Currently, when a Nextcloud group is added to a conversation, all current group members
are invited and future members are automatically added via GroupMembershipListener.
However, the conversation itself is not restricted: any moderator can still manually
invite users who are not part of that group.
This means there is no way to enforce that a conversation stays exclusively within a
defined group - which is a common organizational need.
Problem description
In many organizations (schools, associations, companies), certain conversations should
be strictly limited to members of a specific group. Examples:
- A "Youth" conversation that only members of the "Youth" group can access
- A "Staff" conversation that should never include external users or guests
- A private team channel where membership is entirely driven by the group, not manual invites
With the current implementation:
- A moderator can invite anyone - including non-group members - into a "group conversation"
- There is no way to enforce that leaving a group also removes access to the conversation
- Admins have no guarantee that a sensitive conversation stays within its intended audience
Proposed solution
Add a "group-locked" mode on conversations (type GROUP), configurable per room.
Database
Add a boolean column is_group_locked (default false) on the oc_talk_rooms table.
Behavior when is_group_locked = true
- Only users who are members of at least one of the groups attached to the room can be added as participants
- The participant addition endpoint (POST /room/{token}/participants) returns 403 if the invited user is not in any of the room's groups
- When a user is removed from all groups linked to the room, they are automatically removed from the conversation (already partly handled by GroupMembershipListener)
- Only owners/admins can toggle the group-lock setting
API
PUT /room/{token}
{ "groupLocked": true }
UI
A toggle in the conversation settings panel: "Restrict to group members only"
(visible to owners and moderators, only effective when at least one group is attached)
What this is NOT
This is not a request to restrict the Talk app access by group (see #1105).
This is not a request to block cross-group communication globally (see #5039).
This is a per-conversation access restriction, scoped to the groups already
attached to that specific room.
Use case example
An association manages two groups in Nextcloud: Youth and Staff.
- Conversation "The Youth" → group-locked to Youth → no staff member can be accidentally added
- Conversation "The Team" → group-locked to Staff → membership is fully driven by the group, guaranteed
Affected files (rough estimate)
- lib/Db/Room.php - add isGroupLocked field
- lib/Service/ParticipantService.php - add group membership check in addUsers()
- lib/Service/RoomService.php - handle groupLocked in update
- lib/Controller/RoomController.php - expose in API
- lib/Migration/ - new migration for the column
- src/ - frontend toggle in conversation settings
Additional context
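The group-lock check described under "Behavior when is_group_locked = true", as an added example that is not part of the original issue and is not Nextcloud Talk code. The function names and the in-memory user-to-group map are hypothetical stand-ins for the real group lookup, and the sample users are constructed.

```php
<?php
declare(strict_types=1);

/**
 * Split invitees into users a room may accept and users to reject (HTTP 403).
 * Hypothetical helper: $userGroups is a constructed "user id => group ids" map.
 *
 * @param string[] $roomGroups group ids attached to the room
 * @param array<string, string[]> $userGroups
 * @param string[] $invitees user ids a moderator tries to add
 * @return array{allowed: string[], rejected: string[]}
 */
function filterInvitees(bool $groupLocked, array $roomGroups, array $userGroups, array $invitees): array {
    // Per the proposal, the lock is only effective when at least one group is attached.
    if (!$groupLocked || $roomGroups === []) {
        return ['allowed' => array_values($invitees), 'rejected' => []];
    }
    $allowed = [];
    $rejected = [];
    foreach ($invitees as $userId) {
        // Users missing from the map have no groups and are rejected (fail closed).
        $shared = array_intersect($userGroups[$userId] ?? [], $roomGroups);
        if ($shared !== []) {
            $allowed[] = $userId;   // member of at least one attached group
        } else {
            $rejected[] = $userId;  // the endpoint would answer 403 for this user
        }
    }
    return ['allowed' => $allowed, 'rejected' => $rejected];
}

/** Participants to drop once they no longer share any group with a locked room. */
function participantsToRemove(bool $groupLocked, array $roomGroups, array $userGroups, array $participants): array {
    return filterInvitees($groupLocked, $roomGroups, $userGroups, $participants)['rejected'];
}

// Constructed sample data: a room locked to the "Youth" group.
$userGroups = ['alice' => ['Youth'], 'bob' => ['Staff'], 'carol' => ['Youth', 'Staff']];
$result = filterInvitees(true, ['Youth'], $userGroups, ['alice', 'bob', 'carol', 'mallory']);
foreach ($result['allowed'] as $id) {
    echo $id, ': added', PHP_EOL;
}
foreach ($result['rejected'] as $id) {
    echo $id, ': 403 (not in any group attached to the room)', PHP_EOL;
}

// carol leaves "Youth": she no longer shares a group with the room.
$userGroups['carol'] = ['Staff'];
echo 'remove: ', implode(', ', participantsToRemove(true, ['Youth'], $userGroups, ['alice', 'carol'])), PHP_EOL;
```

The check belongs on the server side of the participant endpoint, so that hiding the invite option in the UI is not the only barrier.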