Opened 8 years ago
Last modified 3 years ago
#5351 new enhancement
Add “private” setting to limit media view/access to logged-in users
|Reported by:||Olivier Mehani||Owned by:|
MediaGoblin currently exposes all the available media to the world (e.g., on the front page or a user's page), logged in or not. In some cases, it would be good to be able to restrict access to a select few.
One way to do this would be to condition the display of media and galleries on whether a user is logged in or not.
There is also the issue of access to the file itself, which should be similarly prevented from an unlogged user.
Of course, this behaviour should be configurable through a setting option.
Change History (6)
comment:1 by , 8 years ago
comment:2 by , 7 years ago
I would also like this feature. As I need it for a whole instance, I trained to develop on MediaGoblin by making a plugin for that in waiting a better integration. If it can be useful, you can found it here: https://code.maroufle.fr/jerome/mediagoblin-private.
comment:3 by , 7 years ago
Trying it out on my instance. Looks pretty good, thanks Jerome!
A note: as mentioned in my previous comment, it would be better to feature the login link more prominently on the error message.
comment:4 by , 7 years ago
Ah, chicken-and-egg problem: access is denied to the /auth pages (I use LDAP plugin).
Also, it is unclear from the documentation what the list in path_exceptions should look like: a Python list, a string, something else? It would be good to have a concrete example.
comment:5 by , 7 years ago
@shtrom, thank you very much for your feedbacks!
it would be better to feature the login link more prominently on the error message.
I've overridden the error.html template from my side, but it could be included to this plugin if you think it could be nice.
access is denied to the /auth pages (I use LDAP plugin).
I were actually thinking of just skipping all the routes starting with /auth/... Thank you, you've dispelled the only doubt I had left! :)
Also, it is unclear from the documentation what the list in path_exceptions should look like: a Python list, a string, something else?
It's a list of string as defined by the Validator class, as it is for other MediaGoblin configuration. It results in comma-separated values, i.e.:
/, /route1/, /route2/subroute1/
It would be good to have a concrete example.
There is already one, but a really simple one. I'll add a more concrete and complete one.
Edit: I've released v0.2.0, please see the small changelog here. I've also opened registrations in order to not fill this ticket. Feel free to report any other issues, improvements, ... but also fork it! :)
comment:6 by , 3 years ago
:facepalm: I reopened a ticket for this, #5617, which has a patch attached.
Ok, from recent experience, private sites should prominently show the login page, where the media should be, instead of just a link to the login page if the user is not logged in. Confuses the lay-person (: