Opened 4 years ago

Last modified 3 years ago

#5351 new enhancement

Add “private” setting to limit media view/access to logged-in users

Reported by: Olivier Mehani Owned by:
Priority: minor Milestone:
Component: graphic design/interface Keywords:
Cc: Parent Tickets:

Description

MediaGoblin currently exposes all the available media to the world (e.g., on the front page or a user's page), logged in or not. In some cases, it would be good to be able to restrict access to a select few.

One way to do this would be to condition the display of media and galleries on whether a user is logged in or not.

There is also the issue of access to the file itself, which should be similarly prevented from an unlogged user.

Of course, this behaviour should be configurable through a setting option.

Subtickets

Change History (5)

comment:1 Changed 4 years ago by Olivier Mehani

Ok, from recent experience, private sites should prominently show the login page, where the media should be, instead of just a link to the login page if the user is not logged in. Confuses the lay-person (:

Last edited 4 years ago by Olivier Mehani (previous) (diff)

comment:2 Changed 3 years ago by jerome

I would also like this feature. As I need it for a whole instance, I trained to develop on MediaGoblin by making a plugin for that in waiting a better integration. If it can be useful, you can found it here: https://code.maroufle.fr/jerome/mediagoblin-private.

comment:3 Changed 3 years ago by Olivier Mehani

Trying it out on my instance. Looks pretty good, thanks Jerome!

A note: as mentioned in my previous comment, it would be better to feature the login link more prominently on the error message.

comment:4 Changed 3 years ago by Olivier Mehani

Ah, chicken-and-egg problem: access is denied to the /auth pages (I use LDAP plugin).

Also, it is unclear from the documentation what the list in path_exceptions should look like: a Python list, a string, something else? It would be good to have a concrete example.

comment:5 Changed 3 years ago by jerome

@shtrom, thank you very much for your feedbacks!

it would be better to feature the login link more prominently on the error message.

I've overridden the error.html template from my side, but it could be included to this plugin if you think it could be nice.

access is denied to the /auth pages (I use LDAP plugin).

I were actually thinking of just skipping all the routes starting with /auth/... Thank you, you've dispelled the only doubt I had left! :)

Also, it is unclear from the documentation what the list in path_exceptions should look like: a Python list, a string, something else?

It's a list of string as defined by the Validator class, as it is for other MediaGoblin configuration. It results in comma-separated values, i.e.:

/, /route1/, /route2/subroute1/

It would be good to have a concrete example.

There is already one, but a really simple one. I'll add a more concrete and complete one.

Edit: I've released v0.2.0, please see the small changelog here. I've also opened registrations in order to not fill this ticket. Feel free to report any other issues, improvements, ... but also fork it! :)

Last edited 3 years ago by jerome (previous) (diff)
Note: See TracTickets for help on using tickets.