When requesting help please provide as much information as possible. Explain what version of webtrees, PHP and MYSQL you are using. If possible provide a URL to your site so we can see the problem first-hand.
Tip: Think about putting these details in your signature, so it appears in the footer of ALL your messages
Question Privacy Settings
- JustCarmen
- Topic Author
- Offline
- Elite Member
- user 1 is linked to an individual in the family tree and has the role member and a level of 3;
- user 2 is not linked to an individual in the family tree and also has the role member;
These are my privacy settings:
Privacy options: ENABLED
Show dead people: SHOW TO VISITORS
Names of private individuals: SHOW TO MEMBERS
Show private relationships: YES
When a visitor tries to enter the record of a living individual he gets the notice that that person does not exist or he has no right to see any information - CORRECT
When user 1 enters the record of a living individual outside his family branch he only sees the name of that person and NO other details. - CORRECT
When user 2 enters the record of any living individual he sees the name of that person AND all the details! - NOT CORRECT
I expected user 2 could not see the details of any living individual on the site but just their names.
Are my settings incorrect of is this a bug?
Carmen
Designer of the JustLight theme (comes with a light and dark color palette), Fancy Imagebar, Fancy Research Links and Fancy Treeview for webtrees 2
Check my website at www.justcarmen.nl
Please Log in or Create an account to join the conversation.
- fisharebest
- Offline
- Administrator
This seems correct to me. You have given the user the role "member". Members can see living individuals. Visitors cannot.
Both user1 and user2 are members. The difference is that one is linked to an individual. This makes the difference that the linked individual can see *ALL* the data attaced to their own record - whatever privacy rules are added. This is to comply with the law in many countries that a person can always see all data held on them.
The "level 3" means that user1 is restricted to living individuals who are within 3 relationship steps.
User2 has no such restriction.
The option "Names of private individuals: SHOW TO MEMBERS" exists to grant *extra* permissions to visitors. It allows them to see the names of private (i.e. living) individuals, but not details.
Greg Roach - greg@subaqua.co.uk - @fisharebest@phpc.social - fisharebest.webtrees.net
Please Log in or Create an account to join the conversation.
- JustCarmen
- Topic Author
- Offline
- Elite Member
This is what I want:
Non-registered visitors are not allowed to see anything regarding to living people. Not even their names.
I have two types of registered users on my site. Users who are part of the family tree and users who are not.
I want to allow all registered users to see the names of living individuals.
Details of living people should only be shown to users within their family branch. So a user with no id in the tree, should not see any details of any living person (only their names).
When I set the role of user 2 back to visitor and leave all the privacy settings as mentioned before, he can't see names of living people.
When I set the option 'Names of private individuals' back to 'show to visitors' every visitor (registered or non-registered) can see names.
Is it possible to make such a difference between registered and non-registered users regarding the privacy settings?
Carmen
Designer of the JustLight theme (comes with a light and dark color palette), Fancy Imagebar, Fancy Research Links and Fancy Treeview for webtrees 2
Check my website at www.justcarmen.nl
Please Log in or Create an account to join the conversation.
- ToyGuy
- Offline
- Moderator
- Live like it's Christmas every day - Santa Stephen
Wow, pretty convoluted configuration. Why give the 'non-edit' users access at all? Effectively, don't they have VISITOR rights = See dead people only?
Nigel spent a lot of time developing the full description of the access and privacy on the WIKI:
wiki.webtrees.net/Access_and_Privacy
It is pretty comprehensive and not difficult to understand unless you skim it or take items out of context or don't read all the details. Otherwise, rather self-explanatory.
HOWEVER, members are members. If you grant the membership at all, then the ability to block names of living persons is not possible. Your only possibility would be to create a default person (add an unlinked person) and attach each of your visitor members to that person and set relationship pathlink to 1.
Santa Stephen the Fabled Santa
Latest webtrees at MyArnolds.com
Hosted by webtreesonline.com , a division of GeneHosts LLC
MacOS 10.6.8, Apache 2.2+, PHP 5.4.16, MySQL 5.5.28
Please Log in or Create an account to join the conversation.
- JustCarmen
- Topic Author
- Offline
- Elite Member
And I read the wiki of course before I asked the question.
But you helped me out with your suggestion of adding an unlinked person.
Carmen
Designer of the JustLight theme (comes with a light and dark color palette), Fancy Imagebar, Fancy Research Links and Fancy Treeview for webtrees 2
Check my website at www.justcarmen.nl
Please Log in or Create an account to join the conversation.
- kiwi
- Offline
- Platinum Member
Although its not the way I would work (as Stephen says: "too convoluted"), I can see where Carmen wants to get.Effectively, don't they have VISITOR rights = See dead people only?
Simply put, she wants these registered users to be limited to the same rights as a non-registered user PLUS the ability to see only the names of living people. That's sort of like the "guest" role we debated extensively when the privacy rules were thoroughly amended. The decision was made not to have such an additional level.
Nigel
www.our-families.info
Please Log in or Create an account to join the conversation.
- JustCarmen
- Topic Author
- Offline
- Elite Member
I just tried the solution of adding an unlinked person and dropped it again. It gave me what I want, users linked to this person (with a level 1) can see names of living people, but on their My Page they get a link to the individual page and the familiy tree of this fake person. So that is not a nice solution after all.
I decided to set back all the roles of users without a link in the tree to visitor.
Thanks for your quick replies and keep up the good work!
Carmen
Designer of the JustLight theme (comes with a light and dark color palette), Fancy Imagebar, Fancy Research Links and Fancy Treeview for webtrees 2
Check my website at www.justcarmen.nl
Please Log in or Create an account to join the conversation.
- ToyGuy
- Offline
- Moderator
- Live like it's Christmas every day - Santa Stephen
We don't allow anyone to register that is not a relative, or doing official, paid genealogy for a relative and then, only via an account established for that relative. Every registered person must be listed - a requirement before granting any kind of membership or access beyond a non-registered visitor. Also allows us to restrict them to their branch.
I think you would find this a far better solution. I have nearly a dozen fishing/phishing requests per week and we simply state - if you aren't a relative DONT ASK.
Santa Stephen the Fabled Santa
Latest webtrees at MyArnolds.com
Hosted by webtreesonline.com , a division of GeneHosts LLC
MacOS 10.6.8, Apache 2.2+, PHP 5.4.16, MySQL 5.5.28
Please Log in or Create an account to join the conversation.
- WGroleau
- Offline
- Platinum Member
- Posts: 2152
I would expect to see all details only if there exists a relationship path less than "N" length from me. If there is no path at all, then there should be no details at all.
To put it in pseudo-SQL, I expect
--
Wes Groleau
UniGen.us/
Please Log in or Create an account to join the conversation.
- kiwi
- Offline
- Platinum Member
I assume you haven't' looked at the options for relationship privacy (in user account settings) lately?
The question there is "Restrict to immediate family?". The options available are "no, 1,2,3...10", with the digits representing levels of relationship, and the default = "no".
Two things are required to enable relationship privacy:
1 - set a level of 1 or greater
2 - the system must be able to calculate a distance from "somewhere". This therefore requires that the user is linked to an INDi in the tree.
With either of these missing, relationship privacy is not applied, and the user has access to everything accorded to a user with their role.
Nigel
www.our-families.info
Please Log in or Create an account to join the conversation.
- WGroleau
- Offline
- Platinum Member
- Posts: 2152
But intuitively (to MY intuition), seeing immediate family when nobody is immediate family means you see nobody.
I've had people who are descendants of ancestors, but not related to anyone in the tree at the time of joining.
I figured they would be able to see only deceased persons until they had built the path from themselves to the rest of the tree.
What is the number, if not the length of the path?There is NO "relationship path" involved in the access consideration, no "length" calculation
I do SQL at work, so I expected that if we cannot determine "level of relationship" then we can't say they are within that. (No comparison with null is ever true.)
The people I spoke of each an INDI, but those INDIs were linked to no one until someone did the edits and additions to establish those links.This therefore requires that the user is linked to an INDi in the tree
However you want it to work is OK, but it wasn't obvious that it would work that way.
--
Wes Groleau
UniGen.us/
Please Log in or Create an account to join the conversation.
- ToyGuy
- Offline
- Moderator
- Live like it's Christmas every day - Santa Stephen
Quite simply, I require that they supply their lineage and personal details before I would grant them access to any details on my site, including sources, since sources contain many personal details of other contributors. If their information is at risk, then I assume they may be a bit more responsible about abusing privacy rules. If not, then what do they have to lose??
Santa Stephen the Fabled Santa
Latest webtrees at MyArnolds.com
Hosted by webtreesonline.com , a division of GeneHosts LLC
MacOS 10.6.8, Apache 2.2+, PHP 5.4.16, MySQL 5.5.28
Please Log in or Create an account to join the conversation.
- kiwi
- Offline
- Platinum Member
Sorry, you have me totally confused. I thought we were discussing Carmen's problem?WGroleau wrote: The people I spoke of each an INDI, but those INDIs were linked to no one until someone did the edits and additions to establish those links.
If you have a problem related to your requirements (which appear to be completely different to Carmen's), please start a fresh topic.
Nigel
www.our-families.info
Please Log in or Create an account to join the conversation.
- JustCarmen
- Topic Author
- Offline
- Elite Member
What I described in my first topic was default PGV Behavior. While migrating and testing my new webtrees site I left my old PGV site on a separate part of the server.
I went to my old PGV site and made a new test user similar to user 2 as described in my first topic. This user actually can see names of living people but no other details, just the way it should be (in my opinion).
Further in my faqlist of the old pgv site I found this text:
WHY DO I NEED TO REGISTER?
Only registered users can see names of living people. When you are not registered you will only see "Private" instead of the names of living people.
I checked if this was default text by downloading a fresh copy of the latest PGV version and found the exact same text in languages/faqlist.en.php
So on my new webtrees site I was expecting something similar, but it is clear to me that the developers of webtrees decided to restrict the privacy settings a little bit further.
But this topic is becoming more a discussion then a question at the moment, because my question is already answered. But maybe in future releases you guys could reconsider the privacy settings. In the facebook world we live in nowadays I really can't see any why it should be a problem to give non-linked users a little more information (just names of living people) then non-registered visitors.
Carmen
Designer of the JustLight theme (comes with a light and dark color palette), Fancy Imagebar, Fancy Research Links and Fancy Treeview for webtrees 2
Check my website at www.justcarmen.nl
Please Log in or Create an account to join the conversation.
- WGroleau
- Offline
- Platinum Member
- Posts: 2152
Just explaining why I expected the same behavior she expected.thought we were discussing Carmen's problem?
--
Wes Groleau
UniGen.us/
Please Log in or Create an account to join the conversation.
- fisharebest
- Offline
- Administrator
If I understand correctly, you want two classes of user.
1) "trusted" users - who are related to you, and linked to an individual in your tree.
2) "untrusted" users - who are not related to you, and not linked to an individual in your tree.
You want the "untrusted" users to have the same level of access as visitors, but with the added ability to see the names of private (e.g. living) individuals.
What validation/verification do you do for these "untrusted" users?
If you have checked them out - why not make them "trusted" users.
If you don't check them out, and approve anyone who asks, then why not simply show all private names to visitors?
Greg Roach - greg@subaqua.co.uk - @fisharebest@phpc.social - fisharebest.webtrees.net
Please Log in or Create an account to join the conversation.
- ToyGuy
- Offline
- Moderator
- Live like it's Christmas every day - Santa Stephen
Please, I'm not trying to be argumentative, nor have my replies been of a personal nature.
Too, please stop comparing PGV to webtrees. There are nearly 6,000 changes in the code and the two now have little to do with one another, except that the base code for webtrees was the PGV code. As a generality, the team finds that comparisons tend to undervalue or even demean the extensive efforts we have made to create a unique solution to online genealogy.
Within those thousands of changes, and to secure webtrees from attacks and security holes, we have made many decisions about privacy. This is one of those instances. I'm sorry if you expected something else, based on experiences with a different product, but webtrees' WIKI outlines how to configure and what to expect in access and privacy.
Yes, this was a default configuration option with PGV, but it too remains a default configuration option with webtrees. I don't see any conflict here. Of course, with both programs, you can change this setting and allow everyone, registered or not, to see the names of living persons. This can be a violation of law in many countries, so we recommend research and caution should you take this approach.WHY DO I NEED TO REGISTER?
Only registered users can see names of living people. When you are not registered you will only see "Private" instead of the names of living people.
Here, you would have to submit this as a Request for new feature.In the facebook world we live in nowadays I really can't see any why it should be a problem to give non-linked users a little more information (just names of living people) then non-registered visitors.
Yes, we have a fundament difference of opinion about allowing registration. I see it as a privilege to be earned with a primary specific goal in mind - to further the data contained within our family tree. You can only become a user by supplying key personal information allowing us to create an INDI page for each user. If a user (registered person) fails to abide by the sites terms and conditions of use, we terminate their access. You may choose to operate your site as you wish and I have neither criticized you for your choices nor condemn you for doing differently.
As a matter of policy, webtrees operates these forums as a effective method of assisting with questions, concerns and problems by our users. While these issues are personal to that submitter, the answers are always intended to help the entire body of webtrees' users, not only that one submitter. This is why we are adamant that each forum topic be focused on a precisely titled (subject) and the thread stay on topic. The team's solutions are directed to the community as a whole, not only to submitter.
I hope this pulls this thread toward closure. If you believe you need the particular feature you discuss, please submit it on the Request for new features forum where it can be discussed further and if someone is interested, can modify the code to add another option.
Santa Stephen the Fabled Santa
Latest webtrees at MyArnolds.com
Hosted by webtreesonline.com , a division of GeneHosts LLC
MacOS 10.6.8, Apache 2.2+, PHP 5.4.16, MySQL 5.5.28
Please Log in or Create an account to join the conversation.