[Bot] push changes from Files.com

Author: files-opensource-bot

README.md

@@ -664,7 +664,6 @@ Error
 |     `NotAuthorized_ApiKeyOnlyForDesktopAppError`|  `NotAuthorizedError` |
 |     `NotAuthorized_ApiKeyOnlyForMobileAppError`|  `NotAuthorizedError` |
 |     `NotAuthorized_ApiKeyOnlyForOfficeIntegrationError`|  `NotAuthorizedError` |
-|     `NotAuthorized_BillingOrSiteAdminPermissionRequiredError`|  `NotAuthorizedError` |
 |     `NotAuthorized_BillingPermissionRequiredError`|  `NotAuthorizedError` |
 |     `NotAuthorized_BundleMaximumUsesReachedError`|  `NotAuthorizedError` |
 |     `NotAuthorized_BundlePermissionRequiredError`|  `NotAuthorizedError` |
@@ -696,6 +695,11 @@ Error
 |     `NotAuthorized_ReauthenticationNeededActionError`|  `NotAuthorizedError` |
 |     `NotAuthorized_RecaptchaFailedError`|  `NotAuthorizedError` |
 |     `NotAuthorized_SelfManagedRequiredError`|  `NotAuthorizedError` |
+|     `NotAuthorized_SiteAdminOrPartnerAdminPermissionRequiredError`|  `NotAuthorizedError` |
+|     `NotAuthorized_SiteAdminOrWorkspaceAdminOrFolderAdminPermissionRequiredError`|  `NotAuthorizedError` |
+|     `NotAuthorized_SiteAdminOrWorkspaceAdminOrPartnerAdminOrFolderAdminPermissionRequiredError`|  `NotAuthorizedError` |
+|     `NotAuthorized_SiteAdminOrWorkspaceAdminOrPartnerAdminPermissionRequiredError`|  `NotAuthorizedError` |
+|     `NotAuthorized_SiteAdminOrWorkspaceAdminPermissionRequiredError`|  `NotAuthorizedError` |
 |     `NotAuthorized_SiteAdminRequiredError`|  `NotAuthorizedError` |
 |     `NotAuthorized_SiteFilesAreImmutableError`|  `NotAuthorizedError` |
 |     `NotAuthorized_TwoFactorAuthenticationRequiredError`|  `NotAuthorizedError` |

_VERSION

@@ -1 +1 @@
-1.2.606
+1.2.607

docs/Errors.md

@@ -116,7 +116,6 @@ These errors are derived from the error groups listed above.
 ### NotAuthorized_ApiKeyOnlyForDesktopAppError
 ### NotAuthorized_ApiKeyOnlyForMobileAppError
 ### NotAuthorized_ApiKeyOnlyForOfficeIntegrationError
-### NotAuthorized_BillingOrSiteAdminPermissionRequiredError
 ### NotAuthorized_BillingPermissionRequiredError
 ### NotAuthorized_BundleMaximumUsesReachedError
 ### NotAuthorized_BundlePermissionRequiredError
@@ -148,6 +147,11 @@ These errors are derived from the error groups listed above.
 ### NotAuthorized_ReauthenticationNeededActionError
 ### NotAuthorized_RecaptchaFailedError
 ### NotAuthorized_SelfManagedRequiredError
+### NotAuthorized_SiteAdminOrPartnerAdminPermissionRequiredError
+### NotAuthorized_SiteAdminOrWorkspaceAdminOrFolderAdminPermissionRequiredError
+### NotAuthorized_SiteAdminOrWorkspaceAdminOrPartnerAdminOrFolderAdminPermissionRequiredError
+### NotAuthorized_SiteAdminOrWorkspaceAdminOrPartnerAdminPermissionRequiredError
+### NotAuthorized_SiteAdminOrWorkspaceAdminPermissionRequiredError
 ### NotAuthorized_SiteAdminRequiredError
 ### NotAuthorized_SiteFilesAreImmutableError
 ### NotAuthorized_TwoFactorAuthenticationRequiredError

docs/models/Partner.md

@@ -5,6 +5,7 @@
 ```
 {
   "allow_bypassing_2fa_policies": true,
+  "allowed_ips": "10.0.0.0/8\n127.0.0.1",
   "allow_credential_changes": true,
   "allow_providing_gpg_keys": true,
   "allow_user_creation": true,
@@ -28,6 +29,7 @@
 ```
 
 * `allow_bypassing_2fa_policies` (boolean): Allow Partner Admins to change Two-Factor Authentication requirements for Partner Users.
+* `allowed_ips` (string): A list of allowed IPs for this Partner. Newline delimited. Partner User IP access is allowed when the IP matches the Partner, User, or Site allowed IP lists.
 * `allow_credential_changes` (boolean): Allow Partner Admins to change or reset credentials for users belonging to this Partner.
 * `allow_providing_gpg_keys` (boolean): Allow Partner Admins to provide GPG keys.
 * `allow_user_creation` (boolean): Allow Partner Admins to create users.
@@ -75,6 +77,7 @@ await Partner.find(id)
 
 ```
 await Partner.create({
+  'allowed_ips': "10.0.0.0/8\n127.0.0.1",
   'allow_bypassing_2fa_policies': false,
   'allow_credential_changes': false,
   'allow_providing_gpg_keys': false,
@@ -90,6 +93,7 @@ await Partner.create({
 
 ### Parameters
 
+* `allowed_ips` (string): A list of allowed IPs for this Partner. Newline delimited. Partner User IP access is allowed when the IP matches the Partner, User, or Site allowed IP lists.
 * `allow_bypassing_2fa_policies` (boolean): Allow Partner Admins to change Two-Factor Authentication requirements for Partner Users.
 * `allow_credential_changes` (boolean): Allow Partner Admins to change or reset credentials for users belonging to this Partner.
 * `allow_providing_gpg_keys` (boolean): Allow Partner Admins to provide GPG keys.
@@ -108,6 +112,7 @@ await Partner.create({
 const partner = await Partner.find(id)
 
 await partner.update({
+  'allowed_ips': "10.0.0.0/8\n127.0.0.1",
   'allow_bypassing_2fa_policies': false,
   'allow_credential_changes': false,
   'allow_providing_gpg_keys': false,
@@ -122,6 +127,7 @@ await partner.update({
 ### Parameters
 
 * `id` (int64): Required - Partner ID.
+* `allowed_ips` (string): A list of allowed IPs for this Partner. Newline delimited. Partner User IP access is allowed when the IP matches the Partner, User, or Site allowed IP lists.
 * `allow_bypassing_2fa_policies` (boolean): Allow Partner Admins to change Two-Factor Authentication requirements for Partner Users.
 * `allow_credential_changes` (boolean): Allow Partner Admins to change or reset credentials for users belonging to this Partner.
 * `allow_providing_gpg_keys` (boolean): Allow Partner Admins to provide GPG keys.
@@ -136,6 +142,7 @@ await partner.update({
 ```json
 {
   "allow_bypassing_2fa_policies": true,
+  "allowed_ips": "10.0.0.0/8\n127.0.0.1",
   "allow_credential_changes": true,
   "allow_providing_gpg_keys": true,
   "allow_user_creation": true,

docs/models/Site.md

@@ -88,6 +88,12 @@
   "non_sso_groups_allowed": true,
   "non_sso_users_allowed": true,
   "folder_permissions_groups_only": true,
+  "group_admins_can_add_users": true,
+  "group_admins_can_delete_users": true,
+  "group_admins_can_enable_disable_users": true,
+  "group_admins_can_modify_users": true,
+  "group_admins_can_reset_passwords": true,
+  "group_admins_can_set_user_password": true,
   "hipaa": true,
   "icon128": {
     "name": "My logo",
@@ -270,6 +276,7 @@
     "partner_name": "example",
     "password_set_at": "2000-01-01T01:00:00Z",
     "password_validity_days": 1,
+    "primary_group_id": 1,
     "public_keys_count": 1,
     "receive_admin_alerts": true,
     "require_2fa": "always_require",
@@ -315,8 +322,7 @@
   "welcome_email_subject": "example",
   "welcome_email_enabled": true,
   "welcome_screen": "user_controlled",
-  "windows_mode_ftp": true,
-  "group_admins_can_set_user_password": true
+  "windows_mode_ftp": true
 }
 ```
 
@@ -395,6 +401,12 @@
 * `non_sso_groups_allowed` (boolean): If true, groups can be manually created / modified / deleted by Site Admins. Otherwise, groups can only be managed via your SSO provider.
 * `non_sso_users_allowed` (boolean): If true, users can be manually created / modified / deleted by Site Admins. Otherwise, users can only be managed via your SSO provider.
 * `folder_permissions_groups_only` (boolean): If true, permissions for this site must be bound to a group (not a user).
+* `group_admins_can_add_users` (boolean): Allow group admins to create users in their groups
+* `group_admins_can_delete_users` (boolean): Allow group admins to delete users in their groups
+* `group_admins_can_enable_disable_users` (boolean): Allow group admins to enable or disable users in their groups
+* `group_admins_can_modify_users` (boolean): Allow group admins to modify users in their groups
+* `group_admins_can_reset_passwords` (boolean): Allow group admins to reset passwords for users in their groups
+* `group_admins_can_set_user_password` (boolean): Allow group admins to set password authentication method
 * `hipaa` (boolean): Is there a signed HIPAA BAA between Files.com and this site?
 * `icon128` (Image): Branded icon 128x128
 * `icon16` (Image): Branded icon 16x16
@@ -496,7 +508,6 @@
 * `welcome_email_enabled` (boolean): Will the welcome email be sent to new users?
 * `welcome_screen` (string): Does the welcome screen appear?
 * `windows_mode_ftp` (boolean): Does FTP user Windows emulation mode?
-* `group_admins_can_set_user_password` (boolean): Allow group admins set password authentication method
 
 ---
 
@@ -626,6 +637,11 @@ await Site.update({
   'protocol_access_groups_only': false,
   'revoke_bundle_access_on_disable_or_delete': false,
   'bundle_watermark_value': {"key":"example value"},
+  'group_admins_can_add_users': false,
+  'group_admins_can_delete_users': false,
+  'group_admins_can_enable_disable_users': false,
+  'group_admins_can_modify_users': false,
+  'group_admins_can_reset_passwords': false,
   'group_admins_can_set_user_password': false,
   'bundle_recipient_blacklist_free_email_domains': false,
   'bundle_recipient_blacklist_domains': ["example"],
@@ -792,7 +808,12 @@ await Site.update({
 * `protocol_access_groups_only` (boolean): If true, protocol access permissions on users will be ignored, and only protocol access permissions set on Groups will be honored.  Make sure that your current user is a member of a group with API permission when changing this value to avoid locking yourself out of your site.
 * `revoke_bundle_access_on_disable_or_delete` (boolean): Auto-removes bundles for disabled/deleted users and enforces bundle expiry within user access period.
 * `bundle_watermark_value` (object): Preview watermark settings applied to all bundle items. Uses the same keys as Behavior.value
-* `group_admins_can_set_user_password` (boolean): Allow group admins set password authentication method
+* `group_admins_can_add_users` (boolean): Allow group admins to create users in their groups
+* `group_admins_can_delete_users` (boolean): Allow group admins to delete users in their groups
+* `group_admins_can_enable_disable_users` (boolean): Allow group admins to enable or disable users in their groups
+* `group_admins_can_modify_users` (boolean): Allow group admins to modify users in their groups
+* `group_admins_can_reset_passwords` (boolean): Allow group admins to reset passwords for users in their groups
+* `group_admins_can_set_user_password` (boolean): Allow group admins to set password authentication method
 * `bundle_recipient_blacklist_free_email_domains` (boolean): Disallow free email domains for Bundle/Inbox recipients?
 * `bundle_recipient_blacklist_domains` (array(string)): List of email domains to disallow when entering a Bundle/Inbox recipients
 * `admins_bypass_locked_subfolders` (boolean): Allow admins to bypass the locked subfolders setting.

docs/models/User.md

@@ -52,6 +52,7 @@
   "partner_name": "example",
   "password_set_at": "2000-01-01T01:00:00Z",
   "password_validity_days": 1,
+  "primary_group_id": 1,
   "public_keys_count": 1,
   "receive_admin_alerts": true,
   "require_2fa": "always_require",
@@ -129,6 +130,7 @@
 * `partner_name` (string): Name of the Partner if this user belongs to a Partner
 * `password_set_at` (date-time): Last time the user's password was set
 * `password_validity_days` (int64): Number of days to allow user to use the same password
+* `primary_group_id` (int64): Primary group ID for Group Admin scoping
 * `public_keys_count` (int64): Number of public keys associated with this user
 * `receive_admin_alerts` (boolean): Should the user receive admin alerts such a certificate expiration notifications and overages?
 * `require_2fa` (string): 2FA required setting
@@ -242,6 +244,7 @@ await User.create({
   'partner_admin': true,
   'partner_id': 1,
   'password_validity_days': 1,
+  'primary_group_id': 1,
   'readonly_site_admin': true,
   'receive_admin_alerts': true,
   'require_login_by': "2000-01-01T01:00:00Z",
@@ -302,6 +305,7 @@ await User.create({
 * `partner_admin` (boolean): Is this user a Partner administrator?
 * `partner_id` (int64): Partner ID if this user belongs to a Partner
 * `password_validity_days` (int64): Number of days to allow user to use the same password
+* `primary_group_id` (int64): Primary group ID for Group Admin scoping
 * `readonly_site_admin` (boolean): Is the user an allowed to view all (non-billing) site configuration for this site?
 * `receive_admin_alerts` (boolean): Should the user receive admin alerts such a certificate expiration notifications and overages?
 * `require_login_by` (string): Require user to login by specified date otherwise it will be disabled.
@@ -403,6 +407,7 @@ await user.update({
   'partner_admin': true,
   'partner_id': 1,
   'password_validity_days': 1,
+  'primary_group_id': 1,
   'readonly_site_admin': true,
   'receive_admin_alerts': true,
   'require_login_by': "2000-01-01T01:00:00Z",
@@ -464,6 +469,7 @@ await user.update({
 * `partner_admin` (boolean): Is this user a Partner administrator?
 * `partner_id` (int64): Partner ID if this user belongs to a Partner
 * `password_validity_days` (int64): Number of days to allow user to use the same password
+* `primary_group_id` (int64): Primary group ID for Group Admin scoping
 * `readonly_site_admin` (boolean): Is the user an allowed to view all (non-billing) site configuration for this site?
 * `receive_admin_alerts` (boolean): Should the user receive admin alerts such a certificate expiration notifications and overages?
 * `require_login_by` (string): Require user to login by specified date otherwise it will be disabled.
@@ -538,6 +544,7 @@ await user.update({
   "partner_name": "example",
   "password_set_at": "2000-01-01T01:00:00Z",
   "password_validity_days": 1,
+  "primary_group_id": 1,
   "public_keys_count": 1,
   "receive_admin_alerts": true,
   "require_2fa": "always_require",