Configure restricted view in project settings

[mrivoal]

I originally created this issue in Sipi repository #224 as a reminder of a discussion with @lrosenth a few weeks ago.

Some project will need to define the maximum resolution allowed for their publicly available images. Due to some restrictions, some projects are allowed to display images : their resolution should be good enough for the unknown user to view but not good enough to make further image processing treatments interesting for this user.

@lrosenth talked about a configuration script for Sipi per project. That would imply to create a new property in Knora to deal with this file in (I guess) admin data.

[mrivoal]

What is the status of the issue and Sipi's one?

One of our projets (drawings-gods) has drop their old database for Knora/Salsah, but they must comply with the agreements signed by the parents of the children whose drawings are now available online. And only a lower resolution of the drawings is allowed.

Any idea how we could proceed?

[benjamingeer]

You can already set this in the permissions for each image. Just set RV knora-base:UnknownUser in the permissions of all the project's images. I believe you can also make this a default for new images (@subotic?).

I don't think it makes sense to make Sipi responsible for this, because you want to distinguish between known and unknown users. Sipi doesn't have that information, but Knora does.

Or is the issue that you want to make it impossible for project members to create images with different permissions?

[mrivoal]

You can already set this in the permissions for each image. Just set RV knora-base:UnknownUser in the permissions of all the project's images.

Yes, but the current permission RV knora-base:UnknownUser doesn't allow the user to view the image at all, the resolution is just too low.

The idea for this projet is that the permission RV knora-base:UnknownUser should allow the user to view the image with a satisfactory resolution, but not good enough for the user to try and upload images so that he could runs image processing on it. If you look at the related sipi issue, it looks like this use case is not isolated.

For some project, the current RV resolution is fine. But some projects want to define the maximum resolution for the images Sipi is providing (let's say during an embargo period, for example). Hence the idea that is should be configurable at the project level:

• e.g. define the max resolution allowed,
• provide a watermark or a default image for the RV permission.

[benjamingeer]

Yes, but the current permission RV knora-base:UnknownUser doesn't allow the user to view the image at all, the resolution is just too low.

The meaning of "restricted view" is programmable in Sipi. You can make it return images with any size you like, or with watermarks. See the function pre_flight in sipi.init-knora.lua.

When #874 is implemented, Sipi will get the project ID as part of the image request URL. So your custom Sipi script will even be able to change the meaning of "restricted view" per project.

[mrivoal]

That is a very good news.

Given that #874 is scheduled for february milestone, the timing is just perfect for us. Wonderful. Thanks!

[benjamingeer]

OK, now that I know it's a priority for you, it'll be the next thing I work on.

[subotic]

Actually, the meaning of RV should be set in the project inside Knora dasch-swiss/sipi#77

It is not feasible to change the deployment configuration of Sipi for each new project that is added.

This information will need to be provided by webapi to sipi. Then the standard preflight script can perform the correct restriction.

[subotic]

So, yes, we will need a new set of properties for the project. Maybe something like this?

• knora-admin:restrictedViewHasResolutionX:300
• knora-admin:restrictedViewHasResolutionY:300
• knora-admin:restrictedViewHasWatermark: URL to watermark

[benjamingeer]

I was thinking that if they run their own Sipi instance, they can do whatever they want with it. Their Lua pre-flight script can have an if-else for each project. Perhaps that would be good enough in the short term, especially if they need this quickly?

Longer term, I see your point, we don’t want project-specific configuration in a centralised Sipi instance.

[mrivoal]

I was thinking that if they run their own Sipi instance, they can do whatever they want with it. Their Lua pre-flight script can have an if-else for each project. Perhaps that would be good enough in the short term, especially if they need this quickly?

Yes, we could do that as a workaround. But anyway, if I understand correctly, we have to wait until #874 is implemented.

And can you make a guess on when the longer-term solution could be implemented (just wondering)?

[benjamingeer]

we have to wait until #874 is implemented.

I think I can do that next week.

And can you make a guess on when the longer-term solution could be implemented (just wondering)?

That would be @subotic, it depends on when he has time.

[subotic]

I hope I can begin working on it next week.

[mrivoal]

Thanks to you two.

[subotic]

A rudimentary implementation is done in #1197. It allows specifying a restricted view size property in the project. This value (if set) is then used in Sipi's preflight script instead of the one in settings.

After I merge this PR, I will make a new Knora release.