PROPOSED – Image restrictions and access

Image access permissions can be applied “globally” across the entire Photo library or “individually” when bulk uploading or editing images.

Please note that the functionality outlined on this page will not be “live” until 1 December 2024. Though the information is described in the present tense, assume the backoffice functionality is inoperable until that date.

On 1 December 2024, we will introduce new functionality to the image permissions mechanism to improve and better align with the Asset library workflow. The information below introduces the new mechanism and will allow you to ask any questions before we switch over to the new functionality.

Setting global image permissions

Previously, there were two ways to restrict image access:

  1. Image size and watermark restrictions (specific to member groups)
  2. Image access restrictions (specific to image categories)

These have now been combined into a single image access mechanism, allowing Administrators to set whether a particular member group is allowed to access an image and which sizes they’re allowed to download.

It is important to note, however, that “Categories” will no longer be used as a way to restrict access to an image (or group of images).
 

Image permission definitions

The new mechanism has four permission options:

These image access permissions can be applied “globally” across the entire Photo library or “individually” when bulk uploading or editing images.

Only member groups given access to Download High Res images will be able to create and export Custom size images. To see a list of the pre-configured image size options that ship with Brand Toolbox, view Export custom image sizes & formats.
 

A note about access

If a member group “Can Download Watermarked only”, members of that group will only be able to VIEW and DOWNLOAD a low resolution, Small (630px) Watermarked image. They will see the options for Small (non-watermarked), MediumLargeOriginal and Custom size (see red exclamation symbols below), however, they cannot DOWNLOAD the images until their request for higher resolution images is granted.

Frontend image download restrictions icon 

Requests for high resolution images can be made via the online Image Request Form linked to each download button. The form is sent to the Image Administrator^^ as an email for approval. Once approved, the member will then be allowed to download the high resolution image for the approved images only.

^^ Find out how to “Configure Administrators to approve the image requests”.
 

Setting the “global” image access options

Image access permissions must first be set on the “Image library” root node. Once set, these options will filter (cascade) through to all images contained in the library unless overridden down the node tree (see “Image inheritance” below).

To set global permissions:

  1. Select the “Permissions” tab on the “Image library” node in the “Media” section:

    Setting global image access permissions

  2. For all member groups that you wish to give access to the Photo library images, add the member group(s) against the appropriate “Can Download High Res, Low Res only or Watermarked only” properties.

    There are three properties to choose from, giving you four access options (see definitions above):

    •  Can Download High Res
    •  Can Download Low Res only
    •  Can Download Watermarked only
    •  No access    ^^^

    ^^^ If you DO NOT want a member group to have access to particular images in the library, do not add them to any of the three access properties. If you DO NOT want a member group to view the Photo library altogether, restrict access to the Photo library via the “Public access” action.

  3. To remove a member group, click “Remove” against the member group or the “Remove all permissions” button to unassign all groups.
  4. Click “Save” to set the global settings^^^^.

^^^^ Note that the first time the global settings are added or if they are changed down the track (and depending on the quantity of images in the library), it might take some time for the settings to filter through to all images in the library. Please be patient before expecting the frontend results to reflect the new permissions.

“Disable all access” toggle
The “Disable all access” toggle allows you to configure access for the property BUT prevents the permissions being applied. This is useful when first setting up a new library and you aren’t ready to grant the permissions until a later date.

Image inheritance

We’ve introduced a new image access inheritance model.

Base level permissions added to the Media [section] > Image library [root node] > Permissions [tab] will now inherit (cascade) down the media tree into both image folders and individual images.

This means that you don’t need to apply permissions to folders (or groups of images) if the settings are identical to the parent folder(s) up the media tree. You only set an “override” on underlying folders or images when you want them to differ.

Here’s how it works...

  1. Set base permissions on the root node as shown above at “Setting the global image access options’.
  2. Child folders (and images within them) automatically inherit these base permissions unless overridden on either the image folder nodes or individual image nodes.

    Image inheritance settings

Inheritance link symbol Inherited member groups display as grey text with a green link symbol.

Override link symbol Overridden groups display as black text with a broken link symbol.

The new mechanism allows you to apply common member group permissions across multiple image folders and separately apply different access to different images.

Restricting access to the Photo library altogether

“Public access” restrictions allow you to define which member groups are allowed to view (access) the Photo library.

When applied, the entire Photo library (and menu links to it) will be hidden from view.

Public access link

Default settings

By default, the Photo library inherits permissions from the site’s root node (e.g. the “Home” node in the “Content” section). If no public access permissions are applied to the “Photo library” node, then members who are able to log into the site can also access the Photo library.

Restricting access to the Photo library

You may decide to make the Photo library available to ‘Employee’ members only. For example, you may own internal images and wish to exclude 3rd party or external suppliers (e.g. Non-employees) from viewing the library.

To restrict access to the ‘Employee’ member group only, follow the steps below:

  1. Right-click the “Photo library” node in the Content tree and select the Public access option in the actions menu (or select it from the Actions menu after selecting the “Photo library” node).

    Public access restrictions on the Photo library node

  2. The Public Access slide out menu appears. Select Role based protection and click Select.
     
    Image category role based protection slide out menu
     
  3. Pick the member groups that you would like to provide Photo library access to. You will see a list of all member groups for your site in the left hand list. Use the ( >> ) or ( << ) buttons to move these groups to/from the right hand list. For an ‘Employee’ group member to be able view the page, it must appear in the right hand list (as per below).
     
    Public access role based protection slide out menu

  4. Specify the Login Page. This is important in the event a user attempts to browse to this “protected” page without first being logged into the site. In this scenario, they will first be redirected to login:
    • Choose: Login
  5. Specify the Error Page. This is the page that users are redirected to when logged on but do not have access to the library:
    • Choose: Error  (DO NOT CHOOSE ‘Server Error 404’)
  6. Click the Save button to enable changes.

Creating permanent and shareable links

For guidance on how to share images with external (general public) users, visit the ‘Creating permanent and shareable links’ section.

Free
demo