feat: add EditorLitePlus sharing role (edit without delete)

[flash7777]

Summary

Adds a new sharing role EditorLitePlus that grants all editor permissions except delete.

Motivation

There is currently a gap between the existing sharing roles:

Role	Download	Upload	Edit	Create	Delete	Move
Viewer	x	-	-	-	-	-
EditorLite	x	x	-	x	-	x
EditorLitePlus (new)	x	x	x	x	-	x
Editor	x	x	x	x	x	x

EditorLite allows uploading but not editing existing files. Editor allows everything including deletion. There is no role that lets users fully edit and create content while preventing deletion.

This is needed for shared project folders, document management scenarios and compliance use cases where accidental or unauthorized deletion must be prevented.

Changes

• vendor/.../reva/v2/pkg/conversions/role.go: Add RoleEditorLitePlus constant and NewEditorLitePlusRole()
• services/graph/pkg/unifiedrole/roles.go: Add role definition (weight 55, between EditorLite and Editor)
• services/graph/pkg/unifiedrole/conversion.go: Add display name mapping

Details

Uses only existing CS3 ResourcePermissions — no proto changes needed.

Explicitly excluded: Delete, PurgeRecycle, ListRecycle, RestoreRecycleItem.

Overwriting existing files is allowed (uses InitiateFileUpload, not Delete). Old versions are preserved as revisions.

Enabled by default.

Test plan

• Role appears in sharing dialog for folders
• User with EditorLitePlus can upload, edit, create folders, move files
• User with EditorLitePlus cannot delete files or folders
• User with EditorLitePlus can overwrite existing files (old version becomes revision)
• Existing roles are unaffected

[flash7777]

Context

We are developing an EDMS (Electronic Document Management System) layer on top of OpenCloud for German municipalities. A recurring requirement is that users should be able to work freely with documents — create, edit, upload — but not delete them. Deletion should be reserved for managers or administrators.

Today, the only option is the full Editor role which includes delete, or EditorLite which lacks the ability to edit existing files. There is no middle ground.

EditorLitePlus fills exactly this gap. It is a minimal, non-breaking addition that reuses existing CS3 permissions. No proto changes, no new APIs — just a new combination of existing permission flags.

We see this as useful beyond our EDMS project: shared team folders, student workspaces, compliance-driven environments — anywhere where "edit yes, delete no" is the desired policy.

[codacy-production]

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 111 complexity · 40 duplication

Metric	Results
Complexity	111
Duplication	40

View in Codacy

_{NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.}