We are using Open OnDemand in a secure IT environment for health-related data (https://www.biomedit.ch/) and we are missing an important feature for us.
For some of our projects we would like to restrict the data transfers to make sure that users cannot leak any data from inside the secure space, either unintentionally or on purpose. It would be great if Open OnDemand would provide a config flag to disable the “Upload” and “Download” buttons in the file manager. Is this possible?
Our ideal setup would be to be able to define a group (e.g. members of group “data-managers”) who can transfer files and restrict transfer for anyone else not belonging to this group. But just being able to restrict transfers for everyone would solve our main use case.
We are aware that we can restrict access to the file manager app by removing access al the file system level but we guess this would break the functionality for some other apps. Ideally we would like to restrict just file transfers.
Currently there is no way in the initial config to do something like this, however I think we could add something to check whether we want the view to display that button depending on the group.
We have an issue from someone already about this and I’ve opened an issue to specifically try to build this into the codebase for configuration.
And the associated issue I’ve opened to try and build a solution:
Sorry that is not possible now, but it is on our radar to do so thank you for the input!