In this topic, we're talking about permissions, ie "how to make this photo visible only to my family and not to my friends".
Currently in 1.7, the system is the very same as in 1.0, ie permissions are managed at category level. This was a technical decision, not functionnal one. I mean that if I had known how to manage permissions at photo level, I would have coded it this way since the beginning.
On Butterfly (code name for next PhpWebGallery "big" release), rvelices has added the "privacy level" on each image. I find it is a major improvement in term of user experience : it is easy to understand. In term of code, it is also much better because we don't use categories (organization of your gallery) for permissions management.
I want to remove the existing category based permission management system and to only keep rvelices image privacy level system. Next "big" release will really be a "big" release. We can afford to make such changes.
As it currently exists on Butterfly, the image privacy level has to be improved to make it more user friendly : I propose the "privacy rules". For example a privacy rule would be "if the photo is tagged "mother", set the privacy level to 4 (family)", another rule could be "if the photo can be seen under the "event/2008" category, set the privacy level to 2 (friends)". This way, tags and categories are not directly used for permission management, but can be used in some privacy rules.
This major code change will simplify a lot coding (good for developers) and permission management (good for users).
To illustrate how painful the current system is in term of coding, I give you the example of tags : to know which tags a user can see, PhpWebGallery must first list photos belonging to reachable categories, and then see tags related to these photos (and my very recent benchmark has shown it had a strong performance impact).
So I would like to have your feedback (team and user community) before switching and your suggestions about what must not be forgotten. I have already talked with rvelices who agrees (of course.... image privacy level was designed/coded by him).
For french readers : you can read old (but unachieved) [Forum, topic 8075] , [Forum, topic 10539] . But please, give your feedback in this topic.
Offline
Group will be removed?
So, after migration current permissions will be translated to privacy rules based on category and group/user?
If there are some privacy rules, the best is kept?
How to hide a category? A category without candidate pictures or candidate category will be hidden?
It's perhaps necessary to supply plugin witch allows to keep same functionality of version <= 1.7?
With privacy rules, the complexity will be occur quicly => a good ergonomic to manage this, it's necessary.
Offline
rub wrote:
Group will be removed?
As group are currently used only for permission management, I would say "yes, group are no more useful". But we may find another use to groups. For example, to filter users before notification by email.
rub wrote:
So, after migration current permissions will be translated to privacy rules based on category and group/user?
Yes, it may be the most difficult part of the work : the migration task. It was a bit the same with history migration from 1.6 to 1.7 and I didn't provide any migration task, but it was not as important as it is with permissions.
rub wrote:
If there are some privacy rules, the best is kept?
This is what I believe. We can still do the same as currently with future privacy rules but I'm sure that new users won't use categories to manage their permissions.
rub wrote:
How to hide a category? A category without candidate pictures or candidate category will be hidden?
Yes. Same thing for a tag. This will be cached of course, for each user.
rub wrote:
It's perhaps necessary to supply plugin witch allows to keep same functionality of version <= 1.7?
I personnaly think it will be very complicated to create this plugin. Current permission system has a lot of consequences in the code, the plugin will be complicated to code. But if someone really feels bad with the new permission system, why not. Plugins are made to extend PhpWebGallery, users have the power :-)
rub wrote:
With privacy rules, the complexity will be occur quicly => a good ergonomic to manage this, it's necessary.
You're right. But privacy rules will be a single administration page, the complexity will be located in a single place, that should make things easier.
Offline
z0rglub wrote:
rub wrote:
Group will be removed?
As group are currently used only for permission management, I would say "yes, group are no more useful". But we may find another use to groups. For example, to filter users before notification by email.
For migration and for other feature, it's best to keep group functionality.
Offline
rub wrote:
z0rglub wrote:
rub wrote:
Group will be removed?
As group are currently used only for permission management, I would say "yes, group are no more useful". But we may find another use to groups. For example, to filter users before notification by email.
For migration and for other feature, it's best to keep group functionality.
+1
Offline
a small thing ... do we also get rid of "locked" categories (visible only to admins) ?
If we do not the code/sql queries will not change a lot ...
Last edited by rvelices (2008-06-19 15:51:36)
Offline
rvelices wrote:
a small thing ... do we also get rid of "locked" categories (visible only to admins) ?
I don't think so. I would even say that we should add a "locked" status on tags. Making a category/tag "locked" doesn't interfere with permission management but only on the categories/tags shown.
Why wouldn't the queries not change a lot if we don't remove this feature?
Offline
By lack of time, I didn't read all (I'll do).
Shall I suggest to offer a plugin system which remains a category authorisation system?
8-)
Offline
VDigital wrote:
Shall I suggest to offer a plugin system which remains a category authorisation system?
I think that it will too hard to code as a plugin. So does rvelices as I read in the very long discussion we had in the french forum.
Offline
z0rglub wrote:
rvelices wrote:
a small thing ... do we also get rid of "locked" categories (visible only to admins) ?
I don't think so. I would even say that we should add a "locked" status on tags. Making a category/tag "locked" doesn't interfere with permission management but only on the categories/tags shown.
OK - I got it; we could still use visibility for categories/tags and eventually per user/group visibility (as previously for permissions), but this will not affect the effective permissions of every image.
In another words the major change with 1.7 is: an image does not have to belong to a accessible category in order to be accessible by a user.
Offline
rvelices wrote:
OK - I got it; we could still use visibility for categories/tags and eventually per user/group visibility (as previously for permissions), but this will not affect the effective permissions of every image.
In would prefer to remove the complexity of visibility of categories/tags per user/group. So I prefer to only keep the "locked" feature : visible to administrators only.
When you say "eventually", you mean the french word "éventuellement" or you mean "at the end". The meaning is completely different.
rvelices wrote:
In another words the major change with 1.7 is: an image does not have to belong to a accessible category in order to be accessible by a user.
In any case, the purpose is to disconnect categories/tags of permissions (privacy rules are an indirect way to use categories to manage permissions).
Offline
z0rglub wrote:
When you say "eventually", you mean the french word "éventuellement" or you mean "at the end". The meaning is completely different.
I meant the french meaning (possibly)...
Offline
z0rglub wrote:
rub wrote:
So, after migration current permissions will be translated to privacy rules based on category and group/user?
Yes, it may be the most difficult part of the work : the migration task. It was a bit the same with history migration from 1.6 to 1.7 and I didn't provide any migration task, but it was not as important as it is with permissions.
Will you provide the migration tool/phase/task/code? Without it could be a key blocker!
8-)
Offline
VDigital wrote:
Will you provide the migration tool/phase/task/code? Without it could be a key blocker!
I will provide something, but as the system will change, it won't be possible to make something equally functionnal. The only solution to avoid any problem (ie a private photo publicly displayed) a solution could be to add a "privacy rule" where by default all photos have the highest privacy level.
Offline
z0rglub wrote:
VDigital wrote:
Will you provide the migration tool/phase/task/code? Without it could be a key blocker!
I will provide something, but as the system will change, it won't be possible to make something equally functionnal. The only solution to avoid any problem (ie a private photo publicly displayed) a solution could be to add a "privacy rule" where by default all photos have the highest privacy level.
"privacy rule" would be fine on my side.
8-)
Offline