diff --git a/lib/Command/Resource/CreateResource.php b/lib/Command/Resource/CreateResource.php
index 2df908b..9ca230d 100644
--- a/lib/Command/Resource/CreateResource.php
+++ b/lib/Command/Resource/CreateResource.php
@@ -43,7 +43,7 @@ class CreateResource extends BaseCommand {
 				type: $type,
 				organizationFolderId: $organizationFolder,
 				name: $name,
-				parentResource: $parentResource,
+				parentResourceId: $parentResource,
 
 				membersAclPermission: $membersAclPermission,
 				managersAclPermission: $managersAclPermission,
diff --git a/lib/Manager/ACLManager.php b/lib/Manager/ACLManager.php
index 0082e40..eedd17f 100644
--- a/lib/Manager/ACLManager.php
+++ b/lib/Manager/ACLManager.php
@@ -14,10 +14,10 @@ use OCA\GroupFolders\Folder\FolderManager;
 
 class ACLManager {
     public function __construct(
-        private IDBConnection $db,
-		private FolderManager $folderManager,
-        private IUserMappingManager $userMappingManager,
-        private RuleManager $ruleManager,
+        protected IDBConnection $db,
+		protected FolderManager $folderManager,
+        protected IUserMappingManager $userMappingManager,
+        protected RuleManager $ruleManager,
 	) {
     }
 
@@ -48,7 +48,7 @@ class ACLManager {
         return array_map($this->createRuleEntityFromRow(...), $rows);
     }
 
-    private function ruleMappingComparison(Rule $rule1, Rule $rule2) {
+    protected function ruleMappingComparison(Rule $rule1, Rule $rule2): int {
         $mapping1 = $rule1->getUserMapping();
         $mapping2 = $rule2->getUserMapping();
 
diff --git a/lib/Manager/GroupfolderManager.php b/lib/Manager/GroupfolderManager.php
new file mode 100644
index 0000000..67d4b51
--- /dev/null
+++ b/lib/Manager/GroupfolderManager.php
@@ -0,0 +1,84 @@
+<?php
+
+declare(strict_types=1);
+
+namespace OCA\OrganizationFolders\Manager;
+
+use OCP\DB\QueryBuilder\IQueryBuilder;
+use OCP\IDBConnection;
+use OCP\EventDispatcher\IEventDispatcher;
+use OCP\Log\Audit\CriticalActionPerformedEvent;
+
+use OCA\GroupFolders\Folder\FolderManager;
+
+class GroupfolderManager {
+    public function __construct(
+        protected IDBConnection $db,
+		protected FolderManager $folderManager,
+        protected IEventDispatcher $eventDispatcher,
+    ) {
+    }
+
+    public function getMemberGroups(int $id) {
+		$qb = $this->db->getQueryBuilder();
+		$qb->select('group_id', 'permissions')
+			->from('group_folders_groups')
+            ->where($qb->expr()->eq('folder_id', $qb->createNamedParameter($id, IQueryBuilder::PARAM_INT)));
+
+		return $qb->executeQuery()->fetchAll();
+	}
+
+    // the FolderManager function for this does not allow setting the permissions, defaulting to all permissions :/
+    public function addMemberGroup(int $folderId, string $groupId, int $permissions = \OCP\Constants::PERMISSION_ALL): void {
+		$qb = $this->db->getQueryBuilder();
+
+		$qb->insert('group_folders_groups')
+			->values([
+				'folder_id' => $qb->createNamedParameter($folderId, IQueryBuilder::PARAM_INT),
+				'group_id' => $qb->createNamedParameter($groupId),
+				'circle_id' => $qb->createNamedParameter(''),
+				'permissions' => $qb->createNamedParameter($permissions, IQueryBuilder::PARAM_INT)
+			]);
+		$qb->executeStatement();
+
+		$this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('The group "%s" was given access to the groupfolder with id %d', [$groupId, $folderId]));
+	}
+
+    protected function memberGroupIdComparison(array $memberGroup1, array $memberGroup2): int {
+        return $memberGroup1["group_id"] <=> $memberGroup2["group_id"];
+    }
+
+    protected function memberGroupComparison(array $memberGroup1, array $memberGroup2): int {
+        return $memberGroup1["group_id"] <=> $memberGroup2["group_id"] ?: $memberGroup1["permissions"] <=> $memberGroup2["permissions"];
+    }
+
+    public function overwriteMemberGroups(int $id, array $memberGroups): array {
+        $existingMemberGroups = $this->getMemberGroups($id);
+
+        // new members to be added
+        $newMemberGroups = array_udiff($memberGroups, $existingMemberGroups, $this->memberGroupIdComparison(...));
+
+        // old members to be deleted
+        $removedMemberGroups = array_udiff($existingMemberGroups, $memberGroups, $this->memberGroupIdComparison(...));
+
+        $potentiallyUpdatedMemberGroups = array_uintersect($memberGroups, $existingMemberGroups, $this->memberGroupIdComparison(...));
+        $notUpdatedMemberGroups = array_uintersect($memberGroups, $existingMemberGroups, $this->memberGroupComparison(...));
+
+        // member groups with changed permissions
+        $updatedMemberGroups = array_udiff($potentiallyUpdatedMemberGroups, $notUpdatedMemberGroups, $this->memberGroupIdComparison(...));
+
+        foreach($removedMemberGroups as $removedMemberGroup) {
+            $this->folderManager->removeApplicableGroup($id, $removedMemberGroup["group_id"]);
+        }
+
+        foreach($newMemberGroups as $newMemberGroup) {
+            $this->addMemberGroup($id, $newMemberGroup["group_id"], $newMemberGroup["permissions"]);
+        }
+
+        foreach($updatedMemberGroups as $updatedMemberGroup) {
+            $this->folderManager->setGroupPermissions($id, $updatedMemberGroup["group_id"], $updatedMemberGroup["permissions"]);
+        }
+
+        return ["created" => $newMemberGroups, "removed" => $removedMemberGroups, "updated" => $updatedMemberGroups];
+    }
+}
diff --git a/lib/Model/OrganizationFolder.php b/lib/Model/OrganizationFolder.php
index bf06ef8..2a70c79 100644
--- a/lib/Model/OrganizationFolder.php
+++ b/lib/Model/OrganizationFolder.php
@@ -27,11 +27,11 @@ class OrganizationFolder implements JsonSerializable, TableSerializable {
 		return $this->quota;
 	}
 
-	public function getOrganizationProvider(): string {
+	public function getOrganizationProvider(): ?string {
 		return $this->organizationProvider;
 	}
 
-	public function getOrganizationId(): int {
+	public function getOrganizationId(): ?int {
 		return $this->organizationId;
 	}
 
diff --git a/lib/Service/OrganizationFolderService.php b/lib/Service/OrganizationFolderService.php
index 200d436..9c3f87b 100644
--- a/lib/Service/OrganizationFolderService.php
+++ b/lib/Service/OrganizationFolderService.php
@@ -38,7 +38,7 @@ class OrganizationFolderService {
                 name: $groupfolder["mount_point"],
                 quota: $groupfolder["quota"],
                 organizationProvider: $groupfolder["organization_provider"],
-                organizationId: $groupfolder["organization_id"],
+                organizationId: (int)$groupfolder["organization_id"],
             );
         }
 
@@ -59,7 +59,7 @@ class OrganizationFolderService {
             name: $groupfolder["mount_point"],
             quota: $groupfolder["quota"],
             organizationProvider: $groupfolder["organization_provider"],
-            organizationId: $groupfolder["organization_id"],
+            organizationId: (int)$groupfolder["organization_id"],
         );
     }