Open jmathai opened 12 years ago
proposition for "sharing tags": certain tags could be declared private and only visible when logged in / using an obfuscated URL. Kind of like privately shared Picasa albums: They are like regular albums, but
Example:
https://picasaweb.google.com/101037554144446269710/AmandiaBrandonSWedding
will prompt you to log in
https://picasaweb.google.com/101037554144446269710/AmandiaBrandonSWedding?authkey=
I'm interested in this to share photos of the new one privately.
@forresto At the moment we support groups and privacy. You can mark photos as private and select the email addresses you'd like to share with. Anyone signing in with the email addresses specified will have access to those photos.
If you've installed OpenPhoto yourself you can create groups under settings. We haven't added groups to the bulk editing option so you have to add photos to a group one by one (lame). We'll be adding this soon.
Just as a follow-up: Sharable links are cool unless you need privacy. The main reason I'm using OpenPhoto is because I want it to be open to a closed set of friends / relatives. If I share a link, it can go anywhere in 5 minues. Of course any photo can be forwarded at any time, but it's just harder than just sharing a link.
@iampeter We're implementing the move away from groups. There's two features that cover some (but not all) of the functionality which groups provide today.
There's some gaps in functionality which groups provided but moving forward both of these are simpler for us to maintain and for users to use.
The privacy model needs to be both easy and flexible. There are lots of different options but the goal of OpenPhoto is to select the one which makes the most sense to the majority of users. I realize different users have different needs so we'll try to address those in this issue as well.
Simplicity
Having photos be public and private is the most simple permission model. This omits the option to share private photos with others. To solve that there are several options.
Groups
The identity system in OpenPhoto relies on verifying ownership of an email address. We currently do this using either BrowserID or Facebook. The login framework allows any service which confirms ownership of an email address to be supported.
Groups simply consist of any number of email addresses. A group can also simply be an email address for ease of use - it basically lets you share with an email address without having to "create a group".
Groups are the fundamental unit to share with.
Objects
When sharing you have to decide exactly what you're going to share. It can be your entire collection of photos, a single photo or a group of photos.
Sharing your entire photo collection is easy. We should consider how many users this method works for. It means that we add another type of permission which has the ability to view photos and leave comments.
Sharing a single photo can be done by having a unique URL for the photos. It's security by obscurity which should be fine. The unique URL can include some version of the hash and perhaps the secret.
Sharing a group of photos is more complicated. First, we don't have albums. We could do sets of tags which are represented as an album but the implementation of this is more complicated. I'm curious how often a group of photos need to be shared and one of the previous two options don't work.
Again, we have to solve for the majority here.
Authentication
A sharable link with an obfuscated URL should not require a user to log in. The obfuscated URL alone should be sufficient.