Gallery User/Group Permissions

schramm

Joined: 2012-08-31
Posts: 2
Posted: Fri, 2012-08-31 18:07

Hello,

First off, Gallery is AWESOME. I do not know where we would be as an organization without it. In fact we have over 168,000 items, and I don't think there has been much decrease in performance.

We are a nonprofit housing agency and use Gallery 2 to collect photos from various contractors on property conditions and maintenance. Before uploading to gallery people are naming pictures with a controlled naming convention. For example, 472-01-030_main.jpg is the picture that appears on our public website. Where the number represents a property number and then part after the underscore indicates where what type of picture/where to display it etc.

I have loosely integrated the pictures into our internal project management database as well as our website: http://www.cuyahogalandbank.org/

The integration was done by querying the gallery tables to find: %itemId%-%serialNumber%/%fileName% and display in the php/html page.

This query gets a gIDList
$query1="SELECT g2_FileSystemEntity.g_id, g2_Item.g_title,g2_ItemAttributesMap.g_parentSequence FROM g2_FileSystemEntity,g2_Item,g2_ItemAttributesMap WHERE (g2_FileSystemEntity.g_id=g2_Item.g_id AND g2_FileSystemEntity.g_id=g2_ItemAttributesMap.g_itemId AND g2_Item.g_id=g2_ItemAttributesMap.g_itemId) AND (g2_FileSystemEntity.g_pathComponent LIKE ".prepdata($the_ppn."%")." or g2_Item.g_title LIKE ".prepdata($the_ppn."%").") AND g2_Item.g_canContainChildren!=1 AND g2_ItemAttributesMap.g_parentSequence not like '7/226240/%'";

-.prepdata($the_ppn."%"). get's all pictures associated with a particular property identifier.

This quey gets the serial number and file
$query2="SELECT g2_Entity.g_id AS g_id_der, g2_Entity.g_serialNumber AS serialNumber, g2_FileSystemEntity.g_pathComponent AS pathComponent, g2_Item.g_description as description, g2_Item.g_title as title, g2_Item.g_summary as summary FROM g2_Entity,g2_Derivative,g2_FileSystemEntity,g2_Item WHERE g2_Entity.g_id=g2_Derivative.g_id AND g2_Derivative.g_derivativeSourceId=g2_FileSystemEntity.g_id AND g2_Derivative.g_derivativeSourceId=g2_Item.g_id AND g2_Derivative.g_derivativeOperations='".$picSize."' AND g2_Derivative.g_derivativeSourceId in (".$gIdList.")";

Not only are we displaying the pictures we are extracting from Gallery2 for HTML pages, we are also embedding them into pdfs and word documents on the fly.

All of this works fine until I take away the "[core] view all versions" permission for the "Everybody" user on the the top level "Gallery" album. When this happens, the images are not displayed when there is no gallery session.

We have different contractors who don't want others seeing the pictures they are uploading. Also, I don't want the general public to see all of the photos. Instead, I just want people to access the photos through our web pages, pdfs, word documents, etc.

To summarize, I want to use gallery to manage and upload photos and apply security to www.cuyahogalandbank.org/gallery2, but I don't want the general public to see that info. At the same time, I don't want any security restrictions when displaying photos that result from the above mysql query.

Attached, there are two screenshots from our internal website. In one example I am logged on to a gallery session. You see photos. When I am not logged into a gallery session the photos are not displayed.

Here is the info about my site:
Gallery URL = http://www.cuyahogalandbank.org/gallery2/main.php
Gallery version = 2.3.1 core 1.3.0.1
API = Core 7.54, Module 3.9, Theme 2.6, Embed 1.5
PHP version = 5.3.15 apache2handler
Webserver = Apache/2.2.22
Database = mysqli 5.1.56-log, lock.system=flock
Toolkits = ArchiveUpload, Exif, ImageMagick, NetPBM, Gd
Acceleration = none/0, none/900
Operating system = FreeBSD qs2997.pair.com 8.2-STABLE FreeBSD 8.2-STABLE #0: Tue Jun 19 14:07:43 EDT 2012

:/usr/obj/usr/src/sys/82PAIRg-AMD64 amd64
Default theme = classic
gettext = enabled
Locale = en_US
Browser = Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Rows in GalleryAccessMap table = 434
Rows in GalleryAccessSubscriberMap table = 168924
Rows in GalleryUser table = 47
Rows in GalleryItem table = 168876
Rows in GalleryAlbumItem table = 9391
Rows in GalleryCacheMap table = 4

Thanks!

AttachmentSize
gallery_logged_in.GIF200.9 KB
gallery_not_logged_in.GIF74.08 KB
 
suprsidr
suprsidr's picture

Joined: 2005-04-17
Posts: 8339
Posted: Fri, 2012-08-31 20:04

for several years we have had many tools to use gallery externally via the API w/out the danger associated w/ direct DB interaction.
MediaBlock for displaying single items, several items...
Using the embed API to fully embed all or single albums or to hide albums from public.
And the All New jQuery Minislideshow for G2/G3

Basically G2 has a robust external API to make embedding/displaying your gallery anywhere.

-s
 
schramm

Joined: 2012-08-31
Posts: 2
Posted: Fri, 2012-08-31 20:17

Thanks for the reply. When I went to download the "MediaBlock" plug in to experiment with, I discovered the "Hidden Album" plug in. It did exactly what I wanted to do.