Summary
When workflow_ocr processes a file, the resulting version author and the
file activity are attributed to the file owner ("You"), not to an automated
system actor. As a result an automated OCR operation is indistinguishable
from a manual user edit in the audit trail.
Root cause (as I understand it)
lib/Service/OcrService.php calls userSession->setUser($owner) before
writing the OCR'd file back and creating the version (and setUser(null)
afterwards). The impersonation is technically necessary for filesystem access,
but it means the version metadata + activity inherit the owner as author.
Why this matters (compliance / ISMS)
In a compliance / ISMS context, accountability & non-repudiation require
that automated system actions are clearly distinguishable from manual user
actions. Attributing an automated OCR to a real user weakens the audit trail
("who actually did this?").
Current mitigations (helpful, but not sufficient)
- The
Before OCR version label signals an OCR result.
- The configurable "assign tag after OCR" marks processed files.
These document that OCR happened, but not that it was automated vs. manual.
Request
Please consider an option to attribute OCR operations (version author + activity)
to a configurable system/service actor (or Nextcloud's system actor),
instead of the impersonated file owner — at minimum as an opt-in setting.
Environment
- workflow_ocr: 1.33.1
- Nextcloud: 33.0.5
- Mode: local backend (ocrmypdf), Flow trigger on file create + PDF

Summary
When
workflow_ocrprocesses a file, the resulting version author and thefile activity are attributed to the file owner ("You"), not to an automated
system actor. As a result an automated OCR operation is indistinguishable
from a manual user edit in the audit trail.
Root cause (as I understand it)
lib/Service/OcrService.phpcallsuserSession->setUser($owner)beforewriting the OCR'd file back and creating the version (and
setUser(null)afterwards). The impersonation is technically necessary for filesystem access,
but it means the version metadata + activity inherit the owner as author.
Why this matters (compliance / ISMS)
In a compliance / ISMS context, accountability & non-repudiation require
that automated system actions are clearly distinguishable from manual user
actions. Attributing an automated OCR to a real user weakens the audit trail
("who actually did this?").
Current mitigations (helpful, but not sufficient)
Before OCRversion label signals an OCR result.These document that OCR happened, but not that it was automated vs. manual.
Request
Please consider an option to attribute OCR operations (version author + activity)
to a configurable system/service actor (or Nextcloud's system actor),
instead of the impersonated file owner — at minimum as an opt-in setting.
Environment