Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

User-IDNamePasswordMember
of group
Remarks
adminSystem administratoradminSystem administration


Note

We strongly recommend that you change the admin-password after the initial installation.
Upon delivery, only the Admin user is authorised to allow additional users.

To login as an administrator, go to the main page  of PicApport, click on the "hamburger menu"
on the top and select logoff. Now you can login with the Admin account and manage users
and permissions.


picapportPicApportpicapportFamily

Before version 5 PicApport had no user management. For private networks this is simply more
convenient
. To have this feature also for new versions, we deliver PicApport with a standard
user
PicApport. If you access the PicApport-Server with a browser the user PicApport will
be automatically logged in if the following applies:

  • A user account PicApport with password picapport exists and is active
guestGuestguestGuests This is our proposal for a guest account with limited privileges

 


Groups

All permission a user has in PicApport, are achieved by a group membership The following rules apply :

...

By default the data of the group account management is stored in the directory ./picapport/usersIf this directory does not exist when PicApport starts, it will be created automatically
with the following default settings
:

 


Group-IDNameremarks
adminsSystem administration
 Upon delivery, members of this group have the following permissions:
  • All permissions
familyFamily
 Upon delivery, members of this group have the following permissions:
  • All permissions except:
    • Permission to create, update or delete a user
    • Permission to add a user to own user-group(s)
    • Permission to create, update or delete a user-group
    • Permission to set geolocations (geotagging).
    • Permission to edit photo metadata. (Title, description, date, etc.)
guestsGuests
 Upon delivery, members of this group have the following permissions:
  • Permission for full-text searches (Visibility: global search)
  • Permission to set search options (Visibility: search options)
  • Permission to view 'dynamic collections' (Visibility: 'dynamic collections')

 


Permissions

ID of permissionSinceDescription
Permission group Administration
pap:admin:user 
Permission to create, update or delete a user
pap:admin:user:local 
Permission to add a user to own user-group(s)
pap:admin:group 
Permission to create, update or delete a user-group
pap:admin:changeownpassword 
Permission to change own password
pap:admin:assignipadress 
Permission to assign an IP-Address to own account
pap:admin:shares6.2Permission to manage shared photos (links)
pap:admin:useroptions6.2

Permission to set user options by entering commands in the search field
see: User Options

pap:admin:server7.6Permission for server administration via the Web GUI.
Permission group photo access
pap:access:uploads 
Permission to upload files
pap:access:ownuploadsvisible 
Uploaded photos from a user are always visible to that user independent from filter settings.
pap:access:downloads 
Permission to download files (photos in original size)
pap:access:metadata 
Permission to view photo metadata
pap:access:share6.2Permission to share photos (create link)
pap:access:removephotos7.6Permission to remove photos.
Permission group program functions
pap:feature:search 
Permission for full-text searches (Visibility: global search)
pap:feature:options 
Permission to set search options (Visibility: search options)
pap:feature:dyncol:view 
Permission to view 'dynamic collections' (Visibility: 'dynamic collections')
pap:feature:dyncol:edit:glob 
Create, update or delete of global 'dynamic collections'
pap:feature:dyncol:edit:group 
Create, update or delete of 'dynamic collections' for own user-groups
pap:feature:dyncol:edit:user 
Create, update or delete of 'dynamic collections' for own user-account
pap:feature:offcol 
Permission to create 'local collections'
pap:feature:dirbrowser 
Permission to start directory-browser. (Visibility: directories/folder)
pap:feature:msg:newfotos 
Info about new photos. If set, user gets notified on landing page when new photos are available.
pap:feature:msg:queryresult 
If set, the query and number of photos found will be displayed in the thumbnail view.
pap:feature:map5.3Permission to use the integrated map module.
pap:feature:mapedit7.6Permission to edit markers on map.
pap:feature:designs:select6.0.3Permission to select a design.
pap:feature:designs:changedefault6.0.3Permission to set the default design.
pap:feature:thumbs:canselect6.0.3Permission to select photos in the thumbnail view. (Planned for Version 7)
pap:feature:sharescreen:send7.2.0Permission to share own screen.
pap:feature:sharescreen:receive7.2.0Permission to access remote screen.
pap:feature:sharescreen:autorecieve7.2.0Permission to access remote screen automatically during slideshow. (e.g. for picture frame).

Permission group edit metadata

pap:editmeta:mytags:like7.0Permission to like a photo.
pap:editmeta:mytags:tags7.0Permission to manage usertags (MyTags).
pap:editmeta:geo:location7.0Permission to set geolocations (geotagging).
pap:editmeta:photo7.0Permission to edit photo metadata. (Title, description, date, etc.)

 


Properties

Key
Default
Typ
Seit Version
Beschreibung
user.encryption.iterations1701intV5.0.0SHA-512-Iterations for password hashes
user.password.min1intV5.0.0Minimum password length
user.password.max75

int

V5.0.0Maximum password length
user.log.accessfalsebooleanV5.0.0extended logging on server for user access

 

 



Technical infos

XML-Persistence

...

XML-PathAttributeExample valueDescription
userdefinition:useridtestuser@test.net

Unique ID of a Users


 nameMax MustermannDisplay name of a user

 descriptionthe quick brown fox jumps over the lazy dogdescription

 activetrueFlag if user is active

 created149370075385Creation date of account in milliseconds since 1.1.1970

 lastupdate149370825561Last update of account in milliseconds since 1.1.1970

 lastlogin149370325561Last login of user in milliseconds since 1.1.1970
userdefinition:user:security: passwordhashed-valuex3ASj9ahC93 ... 8IH23XgcP+Dh8Password hashed value

 unhashed-valueklartextpasswort

Password in clear text. (You can use this to manually set a password)

On Startup PicApport will automatically create a  hashed-value from this
attribute and then remove the unhashed-value.

userdefiniton:user:ip-addresses:ip-addressvalue10.66.77.1IP-Address for automatic login
userdefinition:user:attributes:attributenamestreetAttribute-name

 valueMainstreet 2Attribute-value

 


Roles / Groups-XML

XML-PathAttributeExample valueDescription
roledefinition:roleidguests

Unique ID of this role / group


 nameGästeDisplay name of role / group

 descriptionthe quick brown fox jumps over the lazy dogDescription

 activetrueFlag if group is active
roledefinition:role:members:memberidtestuser@test.netMember of this role / group
roledefinition:role: permissions: permissionvaluepap:access:downloadsAll permissions of this role / group
roledefiniton:role:attributes:attributenamestreetAttribute-name

 valueMainstreet 2

Attribute-value

 


Encryption / hashing

PicApport uses two different encryption methods.

...