After reviewing the survey issues, I worked out some requirements for the permissions concept:
- High Priority: separate album/item viewing permissions (publish) and user management
- Gallery-users should be able to
- hide an album/item
- protect an album/item with a password
- apply viewing-permissions to albums/items
- creating groups of viewers (friends, familiy, school, sports,...)
- add users (no-gallery-users, but viewing-users) to these groups
- these users login with a username and a password
- when mailserver is available: invite users
- viewing-permissions can be changed in "edit permissions"
- user management
- site admins can assign rights/permissions to gallery users in site admin
Wireframes
The concept is based on the separation of album/item viewing options and user management. To simplify the process to show or hide items/albums from/to special people, all functions for this can be found in "Edit Permissions" in the album/item actions. The concept comprises the possibility to create "guest"-users:
- a "guest"-user is not a real gallery-user
- a "guest"-user may only view items and albums, never edit or add
- "guest"-users are always assigned to one gallery-user (a gallery-user has a real gallery-account and may add or edit items)
All of the suppositions would work nice with ajax:
- with checking the third radiobutton (step1), the edit permissions area would fade in
- with clicking on new guest/group a layer would appear with the group and "guest"-user editing option
- with clicking into the list of "guest"-users the name and password could be changed
Step 1
first step in edit viewing authorization
- after click on edit permissions in the context menu of an item or an album, the following dialog appears
- the initial dialog should be limited to three choices:
- everybody may see the items/albums/or subalbums
- nobody may see the item/s, albms/s, subalbum/s
- you can edit special option, who may view the items
Step 2
editing permissions for special people
- a gallery user can define who may see the items and albums
- there are groups and users who may view items/albums and/or subalbums
- gallery-users can create new "guest"-users and groups
- a password can be assigned to a special album
- Pro:
- the gallery user don't needs to create "guest"-users or groups
- it's the fastest way to protect an album or an item
- it's easy to send only a password and a link to the people who may see the items/albums
- Con:
- every new album needs a new password
- people have to handle different passwords
Step 3
adding and editing groups or users
- on the left side you can see the groups and their members
- on the right side you can see all "guest"-users, that exist
- as a gallery-user you can add and edit users
- drag a user from the user list to the group-field to make him a member of this group
To be discussed
- group passwords
- Pros:
- gallery-users do not need to deal with many passwords
- gallery-users do not need to communicate with every group member
- Cons:
- it will overlap with the album-password concept
- it could overlap with hidden album
- "guest"-users will need to deal with more than one password, when they are in several groups
- inheritence
- how will subalbums be handled with?
- should they inherit the rights from the parent-album?
- what if a user should be in a group for one album, not for another
Use Cases
Edit permissions- new group
- A gallery-user has uploaded pictures from a weekendtrip with some friends into an album called "berlin". He wants that some of his friends may view the album, but it should be hidden for everybody else.
- A gallery-user has uploaded pictures from a weekendtrip with some friends into an album called "berlin". He wants that some of his friends to be able to add more pictures to the album.
