WordPress.org

Hrvatski

Nabavite WordPress
WordPress.org

Plugin Directory

Mikesoft TeamVault

Mikesoft TeamVault

Od Mikesoft
Preuzmi

Opis

Mikesoft TeamVault adds a private document workspace inside the WordPress admin for teams, agencies, partners, and back-office operations that need controlled access to shared files.

Instead of exposing documents through normal Media Library URLs, TeamVault keeps files in protected storage and delivers access through authenticated WordPress workflows.

TeamVault is a strong fit for:

  • internal company document areas
  • agency-to-client document sharing managed from WordPress admin
  • partner or vendor file exchanges that should stay private
  • operational archives that must stay separate from the public Media Library

What you can do with TeamVault:

  • Upload files with drag and drop
  • Organize documents in folders
  • Rename, move, preview, download, and delete files from one interface
  • Export a folder or the full library as ZIP
  • Track uploads, downloads, moves, and deletions in the activity log

Why use TeamVault instead of the Media Library?

  • It creates a dedicated private workspace for documents that should not mix with public website assets.
  • It adds capability-based access control with an optional per-user whitelist.
  • It keeps storage, maintenance, and export workflows focused on private documents instead of general media management.

Privacy and access control:

  • Files are stored outside the normal Media Library workflow
  • Access is controlled by the manage_private_documents capability, which allows full workspace actions including upload, download, export, rename, move, and delete
  • Settings, activity logs, whitelist management, and maintenance tools require administrator-level manage_options access
  • Optional whitelist mode adds a second authorization layer for selected users
  • Cleanup and reindex tools help recover from migrations with missing binaries

Key features:

  • Private document storage separated from the Media Library workflow
  • Capability-based access control with optional per-user whitelist mode
  • Folder create, rename, move, and delete operations
  • Drag-and-drop uploads with upload validation
  • Inline preview for supported files, including PDFs
  • ZIP export for folders or the full library
  • Activity logging for uploads, downloads, moves, and deletions
  • Maintenance tools for orphan cleanup and storage reindex
  • Storage widget focused on the space used by TeamVault files
  • English interface with optional Italian translation

Snimke zaslona

  • TeamVault file manager with folder navigation, private file cards, upload/export controls, and the file details panel.

Instalacija

  1. Upload the mikesoft-teamvault folder to /wp-content/plugins/, or install it from the WordPress plugin screen.
  2. Activate the plugin.
  3. Open TeamVault > Settings.
  4. Review the allowed file types and access settings.
  5. Create folders and start uploading private documents.

ČPP

Are the files really private?

TeamVault is designed to keep files private by storing them outside the normal Media Library workflow and restricting access through authenticated WordPress workflows. Protection still depends on the server environment and the storage rules generated by the plugin.

Is TeamVault a replacement for the Media Library?

No. TeamVault is designed for private operational documents that should stay separate from the public Media Library and normal website assets.

Who can access TeamVault by default?

New activations grant the manage_private_documents capability to Administrators only. You can enable whitelist mode to limit workspace access to selected users.

Sites upgraded from older releases should review existing role capabilities and whitelist settings if Editors previously had TeamVault access.

Are file URLs public?

TeamVault is designed to avoid normal public Media Library URLs by routing access through authenticated WordPress workflows. The exact storage protection still depends on the server environment and the generated storage rules.

Apache/LiteSpeed can enforce the generated .htaccess, IIS can enforce web.config, and Nginx requires an equivalent deny rule for /wp-content/uploads/private-documents/. For high-sensitivity deployments, use a custom storage path outside the public webroot.

Can non-admin users access TeamVault?

Yes, if they have the required capability and, when whitelist mode is enabled, they are explicitly allowed in the plugin settings.

Can I change the storage directory?

The plugin supports a custom writable storage path at code/configuration level, but the standard admin workflow is built around the default private storage location.

What happens if I migrate the database but not the private files?

The database records can remain visible even if the original binaries are missing. TeamVault includes cleanup and reindex maintenance tools for these recovery scenarios.

Does the plugin support PDF preview?

Yes. Inline PDF preview can be enabled or disabled in the settings.

What does the storage widget show?

The sidebar widget shows only the space used by TeamVault files. On many shared hosting platforms, PHP cannot reliably read the account quota shown by the hosting panel, so the plugin avoids showing misleading total or available values.

What happens on uninstall?

By default, TeamVault keeps its data for safety. You can enable full data removal before uninstall if you want the plugin to delete its files, folders, logs, and settings.

Recenzije

A useful file vault with some permission gaps

05. svibnja 2026. 1 odgovor
Mikesoft TeamVault does the basics well. Files are protected from direct URL access, you can restrict uploads by file type, and access control is handled per user and capability. The permission system could be better. There are no separate rights per folder, and no distinction between read and write access, which makes control difficult. I covered it in more detail in my latest Plugin Check video on @wordpress103 on Youtube.
Pročitajte 1 recenziju

Suradnici i Programeri

“Mikesoft TeamVault” je softver otvorenog koda. Sljedeće osobe su doprinijele ovom dodatku.

Suradnici

Prevedite “Mikesoft TeamVault” na svoj jezik.

Zainteresirani ste za razvoj?

Pregledajte kôd, pogledajte SVN spremišteili se pretplatite na dnevnik razvoja od RSS.

Dnevnik promjena

2.0.7

  • Fixed stale file browser refresh behavior in local and proxy-backed environments by adding cache-busting to TeamVault browser/search requests.
  • Disabled HTTP caching on browser/search REST responses so file and folder changes are visible immediately after create, upload, rename, move, and delete actions.
  • Improved client-side upload size validation so it also respects the effective PHP upload and post limits before sending oversized files.
  • Split REST permission callbacks into explicit read, write, and delete guards while preserving the current capability model.
  • Hardened ZIP export temporary file generation and readability checks.
  • Updated the in-plugin admin logo color to TeamVault blue.

2.0.6

  • Fixed file list not refreshing immediately after delete file, delete folder, rename file, rename folder, and move file operations.
  • Disabled HTTP caching for browser/search REST responses so local environments show changes immediately.
  • Fixed ZIP export temporary file collisions and readability checks.

2.0.5

  • Fixed new files and folders not appearing immediately after upload or folder creation.
  • Fixed storage security notice reappearing on every page load with no way to dismiss it.
  • Fixed JavaScript event listener accumulation on context menu and folder tree toggle.
  • Fixed concurrent navigation requests corrupting the file list with stale data.
  • Hardened download and preview streams: readable check before headers, MIME type sanitized against response splitting.
  • Fixed several PHP correctness issues: wp_mkdir_p return value, finfo resource leak, tmp_name path handling, strtotime false guard.
  • Fixed XSS vector in user search autocomplete via unescaped username attribute.
  • Added sanitize_callback to REST API string parameters for WordPress.org compliance.

2.0.4

  • Improved the upload error message when a file exceeds the size limit so it now shows the file name, its actual size, and the configured maximum.
  • Added a client-side size check before upload so users get immediate feedback without waiting for a server round-trip.

2.0.3

  • Hardened TeamVault filesystem boundary checks and rejected symlink traversal inside private storage operations.
  • Added safer reindex validation so unsafe or disallowed files are skipped and reported.
  • Switched activity log IP capture to the direct server address instead of spoofable forwarding headers.
  • Added an administrator storage notice when the private document path is inside the public uploads tree.
  • Changed new activations so only Administrators receive TeamVault document access by default.

2.0.2

  • Fixed TeamVault REST requests on sites that use plain permalinks instead of pretty permalinks.
  • Improved upload feedback when PHP rejects an oversized request before a file reaches TeamVault validation.

2.0.1

  • Added the TeamVault file manager screenshot to the WordPress.org listing and GitHub documentation.
  • Completed Italian interface translation coverage and removed stale translation entries.
  • Fixed the move-file validation message shown when a file is already in the destination folder.

2.0.0

  • Major security and reliability release for stricter administrator-only controls.
  • Settings, activity logs, whitelist management, maintenance tools, and uninstall data controls now require administrator-level access.
  • Reduced user data exposure by removing email search and email fields from the user search REST response.
  • Improved large-file handling for uploads, downloads, previews, and ZIP exports while keeping Plugin Checker compatibility annotations in place.
  • Added regression coverage for administrator-only controls and user search privacy.

1.3.6

  • Restricted TeamVault settings, activity logs, whitelist management, and maintenance tools to administrator-level access.
  • Reduced user search exposure by removing email search and email data from the REST response.
  • Improved large-file handling by streaming uploads, downloads, previews, and ZIP exports in chunks instead of loading full files into memory.
  • Added regression coverage for administrator-only controls and user search privacy.

1.1.35

  • Improved the WordPress.org plugin page copy with clearer positioning, use cases, and privacy messaging.
  • Expanded FAQs to better explain private access, Media Library differences, and user access control.

1.1.34

  • Simplified the storage widget to show only the space used by TeamVault files.
  • Fixed TeamVault storage totals so they are calculated from the registered files that still exist on disk.
  • Persisted the detected on-disk file size during upload so new records stay aligned with the physical file size.

1.1.33

  • Clarified storage usage in the sidebar with separate TeamVault, available, and total capacity metrics.
  • Fixed TeamVault storage totals so they reflect the real filesystem size of stored files.

1.1.32

  • Clarified release metadata and WordPress.org asset documentation for the latest maintenance release.

1.1.31

  • Improved whitelist input handling for safer user access settings processing.

1.1.30

  • Fixed whitelist user selection visibility in settings.
  • Fixed persistence of selected whitelist users.

1.1.29

  • Added TeamVault branding in the admin interface.

For the full release history, see changelog.txt in the plugin package.

Meta

Ocjena

4 out of 5 stars.

Your review

See all reviews

Suradnici

Podrška

Problemi riješeni u zadnja dva mjeseca:

1 od 1

Pregledaj forum za podršku