Web based family history software

This Help forum is for issues relates to the latest release (1.2.x). For issues related to beta or svn version please use their own Help forum.
When requesting help please provide as much information as possible. Explain what version of webtrees, PHP and MYSQL you are using. If possible provide a URL to your site so we can see the problem first-hand.
Tip: Think about putting these details in your signature, so it appears in the footer of ALL your messages

Question Privacy Settings

  • JustCarmen
  • Topic Author
  • Offline
  • Elite Member
  • Elite Member
More
11 years 10 months ago #1 by JustCarmen
Privacy Settings was created by JustCarmen
For testing purposes I made to test users:
- user 1 is linked to an individual in the family tree and has the role member and a level of 3;
- user 2 is not linked to an individual in the family tree and also has the role member;

These are my privacy settings:
Privacy options: ENABLED
Show dead people: SHOW TO VISITORS
Names of private individuals: SHOW TO MEMBERS
Show private relationships: YES

When a visitor tries to enter the record of a living individual he gets the notice that that person does not exist or he has no right to see any information - CORRECT
When user 1 enters the record of a living individual outside his family branch he only sees the name of that person and NO other details. - CORRECT
When user 2 enters the record of any living individual he sees the name of that person AND all the details! - NOT CORRECT

I expected user 2 could not see the details of any living individual on the site but just their names.

Are my settings incorrect of is this a bug?


Carmen
Designer of the JustLight theme (comes with a light and dark color palette), Fancy Imagebar, Fancy Research Links and Fancy Treeview for webtrees 2


Check my website at www.justcarmen.nl

Please Log in or Create an account to join the conversation.

More
11 years 10 months ago #2 by fisharebest
Replied by fisharebest on topic Re: Privacy Settings
<<When user 2 enters the record of any living individual he sees the name of that person AND all the details! - NOT CORRECT>>

This seems correct to me. You have given the user the role "member". Members can see living individuals. Visitors cannot.

Both user1 and user2 are members. The difference is that one is linked to an individual. This makes the difference that the linked individual can see *ALL* the data attaced to their own record - whatever privacy rules are added. This is to comply with the law in many countries that a person can always see all data held on them.

The "level 3" means that user1 is restricted to living individuals who are within 3 relationship steps.

User2 has no such restriction.

The option "Names of private individuals: SHOW TO MEMBERS" exists to grant *extra* permissions to visitors. It allows them to see the names of private (i.e. living) individuals, but not details.

Greg Roach - greg@subaqua.co.uk - @fisharebest@phpc.social - fisharebest.webtrees.net

Please Log in or Create an account to join the conversation.

  • JustCarmen
  • Topic Author
  • Offline
  • Elite Member
  • Elite Member
More
11 years 10 months ago #3 by JustCarmen
Replied by JustCarmen on topic Re: Privacy Settings
Thanks for your quick reply but it is not totally clear for me.

This is what I want:

Non-registered visitors are not allowed to see anything regarding to living people. Not even their names.
I have two types of registered users on my site. Users who are part of the family tree and users who are not.

I want to allow all registered users to see the names of living individuals.

Details of living people should only be shown to users within their family branch. So a user with no id in the tree, should not see any details of any living person (only their names).

When I set the role of user 2 back to visitor and leave all the privacy settings as mentioned before, he can't see names of living people.
When I set the option 'Names of private individuals' back to 'show to visitors' every visitor (registered or non-registered) can see names.

Is it possible to make such a difference between registered and non-registered users regarding the privacy settings?


Carmen
Designer of the JustLight theme (comes with a light and dark color palette), Fancy Imagebar, Fancy Research Links and Fancy Treeview for webtrees 2


Check my website at www.justcarmen.nl

Please Log in or Create an account to join the conversation.

  • ToyGuy
  • Offline
  • Moderator
  • Moderator
  • Live like it's Christmas every day - Santa Stephen
More
11 years 10 months ago #4 by ToyGuy
Replied by ToyGuy on topic Re: Privacy Settings
Carmen
Wow, pretty convoluted configuration. Why give the 'non-edit' users access at all? Effectively, don't they have VISITOR rights = See dead people only?

Nigel spent a lot of time developing the full description of the access and privacy on the WIKI:
wiki.webtrees.net/Access_and_Privacy

It is pretty comprehensive and not difficult to understand unless you skim it or take items out of context or don't read all the details. Otherwise, rather self-explanatory.

HOWEVER, members are members. If you grant the membership at all, then the ability to block names of living persons is not possible. Your only possibility would be to create a default person (add an unlinked person) and attach each of your visitor members to that person and set relationship pathlink to 1.

Santa Stephen the Fabled Santa
Latest webtrees at MyArnolds.com
Hosted by webtreesonline.com , a division of GeneHosts LLC
MacOS 10.6.8, Apache 2.2+, PHP 5.4.16, MySQL 5.5.28

Please Log in or Create an account to join the conversation.

  • JustCarmen
  • Topic Author
  • Offline
  • Elite Member
  • Elite Member
More
11 years 10 months ago #5 by JustCarmen
Replied by JustCarmen on topic Re: Privacy Settings
Maybe you are right. I think I am a little confused thats all. Converted my site from PGV to webtrees and checking all the settings. Non-linked users all had the role of visitor till now, but I thought it would be fair to make a difference between registered and non-registered users. All registered users has informed me why they are interested in my site and mostly because they found some kind of link with their own family tree or searching for more information. I don't see any problem in showing them a little bit more (names) then non-registered users.

And I read the wiki of course before I asked the question.

But you helped me out with your suggestion of adding an unlinked person.


Carmen
Designer of the JustLight theme (comes with a light and dark color palette), Fancy Imagebar, Fancy Research Links and Fancy Treeview for webtrees 2


Check my website at www.justcarmen.nl

Please Log in or Create an account to join the conversation.

More
11 years 10 months ago #6 by kiwi
Replied by kiwi on topic Re: Privacy Settings

Effectively, don't they have VISITOR rights = See dead people only?

Although its not the way I would work (as Stephen says: "too convoluted"), I can see where Carmen wants to get.

Simply put, she wants these registered users to be limited to the same rights as a non-registered user PLUS the ability to see only the names of living people. That's sort of like the "guest" role we debated extensively when the privacy rules were thoroughly amended. The decision was made not to have such an additional level.

Please Log in or Create an account to join the conversation.

  • JustCarmen
  • Topic Author
  • Offline
  • Elite Member
  • Elite Member
More
11 years 10 months ago #7 by JustCarmen
Replied by JustCarmen on topic Re: Privacy Settings
Thanks Kiwi, you made my point clear and a bit quicker than I did!

I just tried the solution of adding an unlinked person and dropped it again. It gave me what I want, users linked to this person (with a level 1) can see names of living people, but on their My Page they get a link to the individual page and the familiy tree of this fake person. So that is not a nice solution after all.

I decided to set back all the roles of users without a link in the tree to visitor.

Thanks for your quick replies and keep up the good work!


Carmen
Designer of the JustLight theme (comes with a light and dark color palette), Fancy Imagebar, Fancy Research Links and Fancy Treeview for webtrees 2


Check my website at www.justcarmen.nl

Please Log in or Create an account to join the conversation.

  • ToyGuy
  • Offline
  • Moderator
  • Moderator
  • Live like it's Christmas every day - Santa Stephen
More
11 years 10 months ago #8 by ToyGuy
Replied by ToyGuy on topic Re: Privacy Settings
Ahh - there's the big difference.
We don't allow anyone to register that is not a relative, or doing official, paid genealogy for a relative and then, only via an account established for that relative. Every registered person must be listed - a requirement before granting any kind of membership or access beyond a non-registered visitor. Also allows us to restrict them to their branch.

I think you would find this a far better solution. I have nearly a dozen fishing/phishing requests per week and we simply state - if you aren't a relative DONT ASK.

Santa Stephen the Fabled Santa
Latest webtrees at MyArnolds.com
Hosted by webtreesonline.com , a division of GeneHosts LLC
MacOS 10.6.8, Apache 2.2+, PHP 5.4.16, MySQL 5.5.28

Please Log in or Create an account to join the conversation.

More
11 years 10 months ago - 11 years 10 months ago #9 by WGroleau
Replied by WGroleau on topic Re: Privacy Settings
Although I go with with Stephen's approach of only relatives, I still don't see the "all details" bit.

I would expect to see all details only if there exists a relationship path less than "N" length from me. If there is no path at all, then there should be no details at all.

To put it in pseudo-SQL, I expect
Code:
where length(path) < N
but NOT
Code:
where length(path) < N or path is null

--
Wes Groleau
UniGen.us/
Last edit: 11 years 10 months ago by WGroleau.

Please Log in or Create an account to join the conversation.

More
11 years 10 months ago - 11 years 10 months ago #10 by kiwi
Replied by kiwi on topic Re: Privacy Settings
By default any registered user can see everything subject only to their role, and generic (tree) privacy settings. In most cases, this means "All". There is NO "relationship path" involved in the access consideration, no "length" calculation.

I assume you haven't' looked at the options for relationship privacy (in user account settings) lately?

The question there is "Restrict to immediate family?". The options available are "no, 1,2,3...10", with the digits representing levels of relationship, and the default = "no".

Two things are required to enable relationship privacy:
1 - set a level of 1 or greater
2 - the system must be able to calculate a distance from "somewhere". This therefore requires that the user is linked to an INDi in the tree.

With either of these missing, relationship privacy is not applied, and the user has access to everything accorded to a user with their role.
Last edit: 11 years 10 months ago by kiwi.

Please Log in or Create an account to join the conversation.

More
11 years 10 months ago #11 by WGroleau
Replied by WGroleau on topic Re: Privacy Settings
Yes, mine is set to four or five.
But intuitively (to MY intuition), seeing immediate family when nobody is immediate family means you see nobody.
I've had people who are descendants of ancestors, but not related to anyone in the tree at the time of joining.
I figured they would be able to see only deceased persons until they had built the path from themselves to the rest of the tree.

There is NO "relationship path" involved in the access consideration, no "length" calculation

What is the number, if not the length of the path?

I do SQL at work, so I expected that if we cannot determine "level of relationship" then we can't say they are within that. (No comparison with null is ever true.)

This therefore requires that the user is linked to an INDi in the tree

The people I spoke of each an INDI, but those INDIs were linked to no one until someone did the edits and additions to establish those links.

However you want it to work is OK, but it wasn't obvious that it would work that way.

--
Wes Groleau
UniGen.us/

Please Log in or Create an account to join the conversation.

  • ToyGuy
  • Offline
  • Moderator
  • Moderator
  • Live like it's Christmas every day - Santa Stephen
More
11 years 10 months ago #12 by ToyGuy
Replied by ToyGuy on topic Re: Privacy Settings
If your policy is different than the norm, but they are related to someone listed on the tree, then simply set their INDI ID to that person already listed. They can then build the tree from there.

Quite simply, I require that they supply their lineage and personal details before I would grant them access to any details on my site, including sources, since sources contain many personal details of other contributors. If their information is at risk, then I assume they may be a bit more responsible about abusing privacy rules. If not, then what do they have to lose??

Santa Stephen the Fabled Santa
Latest webtrees at MyArnolds.com
Hosted by webtreesonline.com , a division of GeneHosts LLC
MacOS 10.6.8, Apache 2.2+, PHP 5.4.16, MySQL 5.5.28

Please Log in or Create an account to join the conversation.

More
11 years 10 months ago #13 by kiwi
Replied by kiwi on topic Re: Privacy Settings

WGroleau wrote: The people I spoke of each an INDI, but those INDIs were linked to no one until someone did the edits and additions to establish those links.

Sorry, you have me totally confused. I thought we were discussing Carmen's problem?

If you have a problem related to your requirements (which appear to be completely different to Carmen's), please start a fresh topic.

Please Log in or Create an account to join the conversation.

  • JustCarmen
  • Topic Author
  • Offline
  • Elite Member
  • Elite Member
More
11 years 10 months ago #14 by JustCarmen
Replied by JustCarmen on topic Re: Privacy Settings
ToyGuy I know you totally disagree with me, but it turned out I am not crazy after all.

What I described in my first topic was default PGV Behavior. While migrating and testing my new webtrees site I left my old PGV site on a separate part of the server.
I went to my old PGV site and made a new test user similar to user 2 as described in my first topic. This user actually can see names of living people but no other details, just the way it should be (in my opinion).

Further in my faqlist of the old pgv site I found this text:
WHY DO I NEED TO REGISTER?
Only registered users can see names of living people. When you are not registered you will only see "Private" instead of the names of living people.

I checked if this was default text by downloading a fresh copy of the latest PGV version and found the exact same text in languages/faqlist.en.php

So on my new webtrees site I was expecting something similar, but it is clear to me that the developers of webtrees decided to restrict the privacy settings a little bit further.

But this topic is becoming more a discussion then a question at the moment, because my question is already answered. But maybe in future releases you guys could reconsider the privacy settings. In the facebook world we live in nowadays I really can't see any why it should be a problem to give non-linked users a little more information (just names of living people) then non-registered visitors.


Carmen
Designer of the JustLight theme (comes with a light and dark color palette), Fancy Imagebar, Fancy Research Links and Fancy Treeview for webtrees 2


Check my website at www.justcarmen.nl

Please Log in or Create an account to join the conversation.

More
11 years 10 months ago #15 by WGroleau
Replied by WGroleau on topic Re: Privacy Settings

thought we were discussing Carmen's problem?

Just explaining why I expected the same behavior she expected.

--
Wes Groleau
UniGen.us/

Please Log in or Create an account to join the conversation.

More
11 years 10 months ago #16 by fisharebest
Replied by fisharebest on topic Re: Privacy Settings
@Carmen,

If I understand correctly, you want two classes of user.

1) "trusted" users - who are related to you, and linked to an individual in your tree.

2) "untrusted" users - who are not related to you, and not linked to an individual in your tree.

You want the "untrusted" users to have the same level of access as visitors, but with the added ability to see the names of private (e.g. living) individuals.

What validation/verification do you do for these "untrusted" users?

If you have checked them out - why not make them "trusted" users.

If you don't check them out, and approve anyone who asks, then why not simply show all private names to visitors?

Greg Roach - greg@subaqua.co.uk - @fisharebest@phpc.social - fisharebest.webtrees.net

Please Log in or Create an account to join the conversation.

  • ToyGuy
  • Offline
  • Moderator
  • Moderator
  • Live like it's Christmas every day - Santa Stephen
More
11 years 10 months ago #17 by ToyGuy
Replied by ToyGuy on topic Re: Privacy Settings
Carmen

Please, I'm not trying to be argumentative, nor have my replies been of a personal nature.

Too, please stop comparing PGV to webtrees. There are nearly 6,000 changes in the code and the two now have little to do with one another, except that the base code for webtrees was the PGV code. As a generality, the team finds that comparisons tend to undervalue or even demean the extensive efforts we have made to create a unique solution to online genealogy.

Within those thousands of changes, and to secure webtrees from attacks and security holes, we have made many decisions about privacy. This is one of those instances. I'm sorry if you expected something else, based on experiences with a different product, but webtrees' WIKI outlines how to configure and what to expect in access and privacy.

WHY DO I NEED TO REGISTER?
Only registered users can see names of living people. When you are not registered you will only see "Private" instead of the names of living people.

Yes, this was a default configuration option with PGV, but it too remains a default configuration option with webtrees. I don't see any conflict here. Of course, with both programs, you can change this setting and allow everyone, registered or not, to see the names of living persons. This can be a violation of law in many countries, so we recommend research and caution should you take this approach.

In the facebook world we live in nowadays I really can't see any why it should be a problem to give non-linked users a little more information (just names of living people) then non-registered visitors.

Here, you would have to submit this as a Request for new feature.

Yes, we have a fundament difference of opinion about allowing registration. I see it as a privilege to be earned with a primary specific goal in mind - to further the data contained within our family tree. You can only become a user by supplying key personal information allowing us to create an INDI page for each user. If a user (registered person) fails to abide by the sites terms and conditions of use, we terminate their access. You may choose to operate your site as you wish and I have neither criticized you for your choices nor condemn you for doing differently.

As a matter of policy, webtrees operates these forums as a effective method of assisting with questions, concerns and problems by our users. While these issues are personal to that submitter, the answers are always intended to help the entire body of webtrees' users, not only that one submitter. This is why we are adamant that each forum topic be focused on a precisely titled (subject) and the thread stay on topic. The team's solutions are directed to the community as a whole, not only to submitter.

I hope this pulls this thread toward closure. If you believe you need the particular feature you discuss, please submit it on the Request for new features forum where it can be discussed further and if someone is interested, can modify the code to add another option.

Santa Stephen the Fabled Santa
Latest webtrees at MyArnolds.com
Hosted by webtreesonline.com , a division of GeneHosts LLC
MacOS 10.6.8, Apache 2.2+, PHP 5.4.16, MySQL 5.5.28

Please Log in or Create an account to join the conversation.

Powered by Kunena Forum
}