Add Multiple User Support

[mike]

We should create a basic user system for Plogger. I don't think we need to go as far as setting permissions on each album, collection and picture.

Here is my idea for the system. There are three basic levels of Plogger activities, "Uploading Content", "Managing Content" and "Changing Settings". The administrator has access to all tabs plus an additional "Users" tab which allows the admin to create users, send password reminders, and change user permissions. If this is to simple, "Managing Content" can be broken down into "Creating Albums/Collections", "Changing Content", and "Deleting Content".

Once a user is logged in, the interface displays only the functions which the user has access to. Of course, this system would be easily circumvented by anyone with a minimum amount of coding knowledge.

[anti]

I see no reason to separate "upload" and "manage" activites, if you can edit things then why shoulnd't you be able to add new ones?

The following "capabilities" seem more logical to me:

"Manage collections/albums" (allows adding,editing and deleting) "Manage pictures" (same as above, only for pictures. You could have an user who can upload new images, but cannot change the gallery structure) "Manage comments" - can edit/delete/approve comments "Change settings" - can configure the gallery

[anti]

If we are going to have multiple users, this means that each user can and will have it's own e-mail address as well (for confirmations and password reminder). How would this work together with "comment notify" feature?

Let's say a new user is created and given the "manage pictures" privilege, she will then proceed to upload a bunch of new images. Now someone will visit the gallery and leave a comment. To whom should that comment be e-mailed?

To the admin like now? But since those pictures probably belong to the user, she will probably want to get a notification of the newly added comment as well. The only way to accomplish that is to give each picture an owner, so the code 'knows' whom to send e-mail to.

What else could we implement if each picture had an owner? Or perhaps I'm making things too complicated?

[anti]

I have an use case: I still have my old Gallery installed, since I can't (yet) import pictures from that into Plogger. I created a root level album in it (that would be collection in Plogger) and gave a friend all privileges to that album. She can create new sub-albums in that album, add pictures, move them around, do whatever she likes to, but she has no access to other parts of the gallery.

Would be nice, if I could do the same with Plogger - easy solution is to set an owner for a collection (or album) and then that owner will be able to do anything with the collection she owns.

Maybe the 'owners' system is how we should implement this?

What is it, what you people actually expect from this "multiple users" feature?

[anonymous]

where is it?

[StFS]

I would personally want to see a seperation between "content providing" and "metadata management".

A usecase would be that I upload pictures to the site but I'm way too lazy to put captions on all of them. I just handle the "pull out of camera and shove onto web" part.

My girlfriend then would log in and she would just get access to managing the captions and descriptions for images (and albums/collections for that matter).

[Oceanwatcher]

I would love to see a usersystem integrated with WordPress? so that I do not have to manage two userdatabases.

However, I would like to be able to set rights on each folder of pictures. I want to have folders that are restricted to a certain level.

To me it goes without saying that someone that create a new folder and upload pictures in it has full rights in that folder and can do anything she or he wants there. If others have sufficient rights they should be able to see the pics, but not modify or delete. The normal Windows method of rights on folders is ok enough for me.

But some sort of rights are needed. And it has to be a secure system. I want to be able to put pictures of friends and family on internet without spreading them to the world.

[ericob@…]

I would be happy with something that's pretty simple-minded. Imagine a work environment where some people (maybe temps) appear for a few days to do some management work on my "photo" site. I would want to be able to create a temporary account for them to do their work, then be able to just delete it when they were no longer members of the project.

[derek]

I think we've determined this is becoming a necessary and viable option for Plogger, particularly when trying to integrate it with other multi-user authentication schemes. However, don't expect to see it in the next release; it will require breaking out user authentication from the plog-config table, something which won't happen within the next month.