User right management

Ideas for improvements and requests for new features in XnView MP

Moderators: XnTriq, helmut, xnview

Post Reply
Hajo
Posts: 4
Joined: Tue May 15, 2018 11:03 am

User right management

Post by Hajo »

Hello,

we plan to use XN View MP in our company for picture management (especially marketing porposes). To ensure, only authorized persons can tag pictures as “approval for marketing”, we need some kind of user right management.

Is it possible to add a user right management to XN View MP?

What I have in mind:

Admin: Allowed to use the complete functionality, especially to add categories.
Super User: Allowed to tag pictures with all categories. Especially some “Master-categories”, i.e. “Approval for marketing”.
Users: Allowed to search with all filters (categories, quality and colour indication); allowed to tag pictures with all categories, except “Master-categories”
Viewer: See only pictures with "approval for marketing"

It should be easy, that the categories will get a flag “Master” or “normal”, which can be checked by the user management.

Best Regards
Hajo
User avatar
Tschens
Posts: 53
Joined: Sat May 12, 2018 7:38 am
Contact:

Re: User right management

Post by Tschens »

This would be great!
Olympus OMD E-M1, BS Kinetics underwater housing, 2xSubtronic pro 160 flashes. Zuiko mFT lenses: 60 macro, 7-14, 8 mm fisheye, 12-100, PanaLeica 100-400.
My Homepage | My book at Amazon
Jochen S.
Posts: 32
Joined: Sun Nov 05, 2017 12:52 pm

Re: User right management

Post by Jochen S. »

@Hajo,

I assume all those pictures reside on some kind of network drive and would be accessed from multiple clients eventually at the same time? Probably this will rise additional questions regarding cached metadata, thumbnails and so on...

Did you think about using folder permissions as a second dimension to categories? You could have three folders on the network drive "super user", "user" and "public". You could grant read and/or write permission for each folder to different user groups since you probably already have a reliable and proven user management for network drives. You could have a background job to synchronize approved pictures to the public folder. Since you have so many people working on the same data I would even think about using only folders to flag workflow state and to use categories only for the type of the image.

It's just an idea :D

Regards,
Jochen
Hajo
Posts: 4
Joined: Tue May 15, 2018 11:03 am

Re: User right management

Post by Hajo »

Yes, the pictures are stored on a network drive and we will have different users. The db-file will be stored at the network drive. The thumbnails should be stored locally at each Laptop/PC.
I think only an internal user right management will bring the safety. The second dimension via folder permissions cannot represent the functionality, I need.

The Szenario A:
3 folders: “new data”, “internal data”, “public data”
3 user groups: “super user”, “user”, “viewers”

Users and Super User are allowed to add files to this folder. The “Super User” has to decide if these pictures are “internal data” or “public data” and move it to the right folder. (read/write permissions for both folders)
If the “Users” have no write permissions to the “internal data” folder, it would be not possible to tag those pictures (Tags in metadata need write permissions). Pictures can’t be found/filtered without tags.
If the “Users” have write permissions to tag public pictures, they would also be able to move
internal pictures into this folder. Windows does not distinguish between “add file” or “alternate file” in it’s folder permissions.


The Szenario B:
3 folders: “super user”, “user”, “viewers”
3 user groups: “super user”, “user”, “viewers”

Super User is allowed to tag pictures in all folders.
Users are allowed to tag pictures in user folders and viewer folder. If public pictures are stored in “viewer folder“ and internal pictures are stored in “user folder”, we have again the problem, that it would be possible for users to move pictures from “user folder” to “viewer folder”.


The second KO-criterion is, that XNViewMP can’t forbid users to tag files in random other folders (i.e. project folders) with the tag “public”. These pictures would be found with a category-filter by XNView.

Regards
Hajo
Hajo
Posts: 4
Joined: Tue May 15, 2018 11:03 am

Re: User right management

Post by Hajo »

A second option to ensure some tags should be only set by the admin is a change log.
Every time, users add files to the database or change tags of a file, the changes will be logged:
[timestamp, user, file, changes]

Is such a feature already available?

The admin has to check every monday or every morning the changelog. If there are mistakes, she/he will revise it.
It's not the preferred option, because the database will be a certain time in possibly wrong status. In example, if the admin is on holidays or ill, the last changes can not be reviewed for some days or weeks.

Regards
Hajo
Jochen S.
Posts: 32
Joined: Sun Nov 05, 2017 12:52 pm

Re: User right management

Post by Jochen S. »

If you don't follow my suggestion to simply use network folder permissions but rely on XnViewMP features - who do you think your admin can assure that all users use only XnViewMP? A log in XnViewMP is of no use if users can just use another application to edit the tags. There are many other programs which can just run without installation...
Hajo
Posts: 4
Joined: Tue May 15, 2018 11:03 am

Re: User right management

Post by Hajo »

Hello Jochen,

your folder and folder rights solution knocks out the big advantage of the XnView database.

Our files are spread over thousends of folders. With NxView I can tag them, no matter where they are stored physically. "Find your file instead of look for your file!" is the slogan.
To use folders for "private" and "public" files, we would need to store copies of all files in this folders. This means many GB (or Terrabytes) additional storage space and thousends of duplicated files.

I think the old folder-philosophy is outdated. The idea of keywords helps to find related files quickly and easy. I don't have to think about, where they may be stored. That's the way how goolge, tumblr & Co are working.

You are right - in most cases there are ways and possibilities to bypass restrictions. Even if I make a hazard-analysis or Process-FMEA for plants, that are operated by humans, Operators will find a way for sabotage.

Back to XnView:
For us it would be easier to find "approved pictures" with XnView and the related tag. Otherwise it is to easy to set the tag in error (not intentionally), i.e. You want to equalize the tags of a batch of pictures: Mark all pictures and you see the assigned tags. By clicking the italic tags, set for only some of you files, you will tag all marked picutres with this tag. It is a quick click in error and you tagged pictures wrong with "approved". Even if you realize you fault, there is no "CTRL + Z" to annul the last decission.

It is highly unlikely that users will search for other tools to tag the pictures. If they do so to tag pictures in a wrong way, it's a kind of sabotage.

Best regards
Hajo
Jochen S.
Posts: 32
Joined: Sun Nov 05, 2017 12:52 pm

Re: User right management

Post by Jochen S. »

Hajo,

I can follow your thoughts, and from end user point of view its logical to make no difference between google database and XnView database. But technically there are differences which might set some restrictions.

To me your suggestions (rights management with admin, super user, user, viewer for a minor feature like tagging) just sounds like it would add a lot of complexity to XnViewMP which would mean a lot of work to implement and document, required tests, possibilities for future bugs and effort to explain that to many users which would just manage their holiday pictures. And all that for very few users/installations which might benefit from that. Maybe even more users will stop/not start using the program due to the grown complexity then those who go for it because of this feature.

Using the folder solution you would not need to wait for this feature to be implemented but can start today. And it would be secure, no way around it. And there is no need to make copies of the files, you just need to have a matching folder structure and correct read and/or write permission per user per folder.
Post Reply