Share Review

This app can be used for auditing shares within a Nextcloud instance e.g. for data loss prevention. Share status can be exported for documentation.

• Review any file share
  • files, talk, deck, teams, federation
  • app specific shares (if implemented by other apps)
• Remove shares
• Confirm current review
  • show only new shares next time
• Audit compliance
• Assign review to user groups (e.g. audit or risk mgmt)
• Export as CSV or PDF (manual or regular background job)

Note:

The app must be restricted to at least one specific user group in the app store. This prevents accidental exposure of the shared content to all users.

Register shares from another app

Other Nextcloud apps can add their own share types to Share Review by listening for OCA\ShareReview\Sources\SourceEvent. The registered source class is resolved from Nextcloud's dependency injection container when Share Review loads the share list.

1. Register an event listener

Register the listener in the external app's Application::register() method:

use OCA\MyApp\ShareReview\ShareReviewListener;
use OCA\ShareReview\Sources\SourceEvent;

public function register(IRegistrationContext $context): void {
	$context->registerEventListener(SourceEvent::class, ShareReviewListener::class);
}

2. Register the source class

The listener adds the source class to the event:

namespace OCA\MyApp\ShareReview;

use OCA\ShareReview\Sources\SourceEvent;
use OCP\EventDispatcher\Event;
use OCP\EventDispatcher\IEventListener;

class ShareReviewListener implements IEventListener {
	public function handle(Event $event): void {
		if (!$event instanceof SourceEvent) {
			return;
		}

		$event->registerSource(ShareReviewSource::class);
	}
}

3. Implement the source

The source class must provide these methods:

namespace OCA\MyApp\ShareReview;

use OCA\ShareReview\Sources\ISource;

class ShareReviewSource implements ISource {
	public function getName(): string {
		return 'MyApp';
	}

	public function getShares(): array {
		return [
			[
				'id' => 123, // Unique app-specific identifier passed to deleteShare().
				'object' => 'Example object', // Display name, such as a file path or report name.
				'initiator' => 'alice', // User ID of the initiator.
				'type' => 0, // One of the OCP\Share\IShare type constants.
				'recipient' => 'bob', // User ID, group ID, email address, or link token.
				'permissions' => 1, // Permission bitmask. Use 1 as the default if not set.
				'password' => true, // Whether the share is password protected. Do not return the password.
				'expiration' => '2026-12-31', // Optional expiration date displayed for the share.
				'time' => '2026-05-31 12:00:00', // Creation time. Use '1970-01-01 01:00:00' if null.
				'action' => '', // Optional deletion identifier override. Empty uses id.
			],
		];
	}

	public function deleteShare(string $shareId): bool {
		// Delete the app-specific share and return whether deletion succeeded.
		return true;
	}
}

See the Analytics integration for a working implementation.

Maintainers

• Marcel Scherello (author, project leader)

Support

Thank you to PhpStorm from JetBrains

---