Disable export menu for guests and members

GrampsWeb: 5.2.2

Is it possible to disable EXPORT menu/feature for guest (and members)?

Guest and members cannot import, but can export. That makes no sense for me (this is my data security paranoia speaking). Disabled menu in UI is enough for me.

Please let me know if it’s possible or not before I’ll dive into the code (JS is not my language of choice).

Thanks!

1 Like

Hi,

no, it’s not possible, but let me elaborate why.

Gramps Web is not just a web site, it is based on a powerful REST API to access a Gramps database. By assigning users to groups, you grant them certain permissions how to access the database via the API.

A member has read access to the entire database. Consequently, they can access all the information in your tree. They can also access the /api/exporters/file/gramps endpoint to generate & download a gramps XML file. Hiding the “export” button from the Gramps Web interface wouldn’t change this fact.

A “guest” user (which is a bit of a misnomer because, as you know, they are still registered users) cannot access private records. This applies to both the web interface (which technically is just a nice way to consume the API) and the XML export. Privacy is built in at database level.

The question is where your “data security paranoia” stems from, then. If you are worried that the export will expose information that is not otherwise visible, rest assured, that’s not the case.

Finally, there’s the question about disallowing Gramps XML export even for data the user is allowed to see. This also wouldn’t be any privacy benefit as the user could trivially fetch all information in the database via a couple of GET requests and import them into a local Gramps database. But, more importantly, this would be diametrically opposed to Gramps Web’s philosophy: namely, to make genealogical data available (to those who you choose to be authorized to view it) in open formats, without locking them into a specific website or provider.

If what you are after is a web site where you present your genealogy but do not want others to access the same data in raw form, Gramps Web wouldn’t be the right choice. I would recommend the Narrative Web or Dynamic Web reports in that case.

David,

I looked into code and into API specs. I better understand your approach to API. I do not fully agree with it (this is same ‘paranoia’ :slight_smile: ). However, I’m not starting religious war on this topic due to couple reasons. I really like grampsweb and I appreciate your work. I also noticed that Revisions are not displayed for guests, so I’ll disable Export by same way.

I also reported couple bugs 523 and 524. Both of them are about private entities. :frowning:

-anton

1 Like

Hi. I also would highly vote for to deactivate the sidbar selector “Export” for Guest/Member level. You would do me (and others I guess) a big favour to implement this. Thanks in advance

It’s not about doing a favour or not. I think I explained pretty well above that it does not make sense technically, and it is against the whole philosophy or Gramps Web do make it intentionally difficult to download data one has the right to access.

2 Likes

For what’s it worth +1 for the hiding export feature based on some criteria that are easier to implement and make sense to the product’s overall philosophy.

The use case, in my specific case, the use case is that I don’t want a guest to download ALL the work I have done/created w/ just a click. The alternate, for me, is that I make everything private

Thanks in advance for reading and thank you for all the work. REALLY enjoying the product

1 Like

I vote +1 for NOT hiding the export feature.

With a few clicks, many have accessed ALL the hard work the Gramps/Gramps Web team have done, and given away freely. Such is the spirit of Gramps Web and open source IMO.

I vote +1 to make the export feature optional.
Open source application it is not the same as a free accessed database. Another example: Gramps with open source code has a beautiful “Private” feature for people, citations etc.
Another example with ability setup export privacy is Myheritage. This is a very handy feature when some users can have a full access, another users have partial access and other users have no access.
It would be a very good addition to Gramps web

1 Like

And as +1 argument I already added some deputy admins which certainly allow export ALL data any time. But guests like “interested” persons should have limited access for a certain time and for some certain reason they should not be able to dump ALL data offline. It’s just being able to adjust some more privacy features on different levels of user.

1 Like