Giving roles and groups different permission

I need help for a couple of tasks,
Here is how we want to user Pydio.

we have about 20 employees that will user Pydio to share content with our customers. Pydio is connected correctly to LDAP for employees authentication and for customers, we create groups and users in the local database.

  1. I want the employees’ accounts to be added automatically to 1 group. all in one group. I tested different filters and mapping, and no result.

  2. All the employees’ accounts are all getting the same role. If I add a new workspace for a customer, I have to edit the employees’ Role to give them access to this workspace. is there a way to configure this role automatically, in a way that they get access to all workspaces by default?

  3. Employees should be able to send emails to each other, customers should not.
    if I disable mailer extension. nobody can use email.
    on the other hand, if I leave it enabled, and a customer tries to use it, he will see all the groups in address book which are the names of other customers. is it possible to somehow customize or isolate the address book for customers?
    if not, is there a way to have the mailer enabled just for 1 role?

thanks in advance


so for this one you can for example make sure that a role is auto applied to a group, but you always have to manage which user is in a group, you can for example make a role that will be auto applied to a profile of user and therefore upon it’s creation the user will be assigned to a group automatically (but this will work for every user that registers).
Or you can create a group and whenever you assign a user to it, they can be automatically assigned to a role (that you created with your needs) here’s a screen to show you the menu and where it is.
Group Menu

What do you mean by that, each user that has this role should have access to all the workspaces authorized by the role if you create a new workspace you have to edit the role to give it access but you need to do it once,
to give access to every user, you can modify the ‘root group’ which will give access to every created user access to the workspaces specified inside it.

Basically for this one, you can for instance create a group for users that cannot use the mailer or a role,
and disable the mailer inside the workspace for instance.