File repositories are external storage provider (e.g. Google Cloud Storage) that can be used to store encrypted data. The data is encrypted in the browser, and then uploaded to the repository. The data is uploaded directly to the repository without passing through the psono server. The file repository provider has no way to gain access to the decrypted files.
File repository configuration can be shared with other users to allow them to upload something to the providers themself, without the hassle that every use has to configure the repository. The possibility to download a file is controlled similar to the capabilities to access secrets by the share permissions.
The permissions in detail:
|No||-||-||-||Can only download a file (if the share permissions allow him that)|
|Yes||No||No||No||Can upload files to this file repository, yet no administrative capabilities like accessing the config or sharing it with others|
|Yes||Yes||No||No||Can read the configuration of the external storage provider e.g. access secrets|
|Yes||No||Yes||No||Can update the configuration of the external storage provider|
|Yes||No||No||Yes||Can change the rights of himself and other users and share it with other users|