Announcement

#1 2019-03-24 11:47:10

luisrosety
Member
2019-03-24
7

Access permission confusing

Hi,

I am confused about the permissions.
I have installed Piwigo for a group of users for uploading pictures but I don't want these users being able to create/delete albums.
At album level only the webmaster should do it.
Authors should be able to upload photos to existing albums.
Guest should be able to see all pictures and add comments.
Your definition of "private" and "public" albums is confusing because you speak of "access" but not specifying if this access is "modify" access or just "view" access.
My ideal permission structure should be:
Administrator: Can add/delete Albums
    Author: Can add pictures to created albums and modify/delete HIS pictures (no other's pictures)
        Guest: Can see pictures and add comments

But making a user "administrator" gives deletion permission
Is there any way to do it?
Thanks
Luis Rosety

Piwigo version: 2.9.4
PHP version:
MySQL version:
Piwigo URL: http://

Offline

 

#2 2019-03-24 13:59:29

erAck
Only trying to help
2015-09-06
1026

Re: Access permission confusing

Don't assign a normal user to Administrator who can change almost the entire site except the parts for which the Webmaster role is required.

Try [extension by plg] Community


Running Piwigo at https://erack.net/gallery/

Offline

 

#3 2019-03-24 16:33:17

luisrosety
Member
2019-03-24
7

Re: Access permission confusing

Thanks!
I'll give it a try.
I can't understand why uploading photos needs administration access.
It must be very common my situation where someone creates a site for a group of authors who just need upload permission, not administration access like user configuration, for example.

Offline

 

#4 2019-03-24 19:27:47

erAck
Only trying to help
2015-09-06
1026

Re: Access permission confusing

Because that is what the plugin is for and user upload was moved from core to the plugin. Read the forum page linked from the plugin's page.


Running Piwigo at https://erack.net/gallery/

Offline

 

#5 2019-03-25 21:43:56

luisrosety
Member
2019-03-24
7

Re: Access permission confusing

I have tried the extension and I miss important settings like not allowing an author to delete another author's photos.
The extension just allows selected users uploading photos but it also grants edit and deletion permissions and this is annoying.
A group of authors should be able to upload contents but not to modify or delete other's contributions.
This is my opinion, of course!

Offline

 

#6 2019-03-25 22:08:01

executive
Member
2017-08-16
1099

Re: Access permission confusing

It shouldn't do that.

Make sure they are set as generic users.

Offline

 

#7 2019-03-26 11:09:37

luisrosety
Member
2019-03-24
7

Re: Access permission confusing

Thanks, it works!
But I have another question, once logged in as "generic" it is not possible to change the theme for the presentation nor the language.
These are settings that any user should be able to customise according to his preferences.
Another disturbing point is that uploading photos should get the author name automatically. At least there should be a filter with the uploader user of each photo.
Otherwise the administrator needs to review photo by photo and asking the contributors who uploaded the photo. And this is a nightmare.

Offline

 

#8 2019-03-26 11:25:57

executive
Member
2017-08-16
1099

Re: Access permission confusing

luisrosety wrote:

But I have another question, once logged in as "generic" it is not possible to change the theme

Yes it is possible
<piwigo URL>/profile.php

luisrosety wrote:

uploading photos should get the author name automatically... administrator needs to review photo by photo and asking the contributors who uploaded the photo.

It does, and you can.
[extension by ddtddt] See photos by user

Offline

 

#9 2019-03-26 11:30:05

luisrosety
Member
2019-03-24
7

Re: Access permission confusing

Adding more detailed information on my previous post:
The images table of MySQL contains a field "added_by" with the user id.
It would be helpful allowing the webmaster the use of this field or even more allowing the use or an SQL SELECT
But I insist in the need of adding as author by default the uploader user. It is the most logical and useful option.
Apart of that, I disagree having the field "author" of the table "images" filled with the user name.
It should be the user "id" since it is possible changing the name for an existing user and this would produce an inconsistency of the table content.

Offline

 

#10 2019-03-26 11:33:19

luisrosety
Member
2019-03-24
7

Re: Access permission confusing

Thanks for your answer.
But I find it surprising that such basic features need the installation of extensions and adding endings to the URL.
IMHO I think they should be installed by default.

Offline

 

#11 2019-03-26 16:58:23

luisrosety
Member
2019-03-24
7

Re: Access permission confusing

To "executive":
Adding profile.php to the URL does not work.
A non-administrator user gets an error message when trying to access <piwigo URL>/profile.php

You are not authorised to access the requested page
Identification Home

Offline

 

#12 2019-03-26 21:23:10

executive
Member
2017-08-16
1099

Re: Access permission confusing

luisrosety wrote:

Thanks for your answer.
But I find it surprising that such basic features need the installation of extensions

Most people don't need it. In my opinion, it is good that it is provided as a choice. That way YOU can pick what you want. If you want to run a simple, streamlined Piwigo, you can.

luisrosety wrote:

Adding profile.php to the URL does not work.
A non-administrator user gets an error message

It works for me with non-admin users. Try a different theme.

I'm sure there's a way to get there without typing the URL, but I didn't check.

Offline

 

#13 2019-03-27 02:13:44

erAck
Only trying to help
2015-09-06
1026

Re: Access permission confusing

luisrosety wrote:

But I find it surprising that such basic features need the installation of extensions and adding endings to the URL.
IMHO I think they should be installed by default.

Why? Out of the box Piwigo suits the needs of publishing a photo gallery with different users and permissions. The basic use does not need sophisticated user management functionality, hence code providing such doesn't need to be present. I'm grateful it doesn't bloat my installation. If such is needed by the admin then the admin can install plugins/extensions. There's nothing wrong about that.


Running Piwigo at https://erack.net/gallery/

Offline

 

Board footer

Powered by FluxBB

github twitter newsletter Donate Piwigo.org © 2002-2021 · Contact