Create more sofisticated user rights

[bpatrik]

Currently there are 4+1 types of users with fixed right settings in the app (see: https://github.com/bpatrik/pigallery2/blob/master/USERRIGHTS.md)

Furthermore all users can see the whole gallery and it cannot be split up.

This FR proposes to replace the rigid user roles into separate rights, like: from:

{
name: "John",
role:"Admin"
}

{
name:"John",
rights:[
"writingSettings",
"listing gallery",
"searching",
"sharing"
]
}

This FR would not resolve #81, #188, #129, #301 but would take a step into that direction and would enable future gallery changing features #76, #305

[kagahd]

Why not defining roles this way?

{
role:"Admin",
rights:[
"writingSettings",
"listing gallery",
"searching",
"sharing"
]
}

And then associate the role to the user as you did already:

{
name: "John",
role:"Admin"
}

Or did I misunderstand you?

[bpatrik]

The first one is what kinda we have now.

What I can image is to have a (hardcoded) role template, but the app user could override them per user level.

So instead of specifying for a give feature what kind of role you need: https://github.com/bpatrik/pigallery2/blob/77b2d7e92af03df6bf55464c47ef51c3eefa8cc5/src/common/config/public/ClientConfig.ts#L163-L166

We can specify for a user what kind of rights it has. It would be more similar to what linux does with groups.

The main reason behind it is that on my personal app I never want to see any delete, rotate etc. button, but people keep asking: #76, #305 This feature would eventually allow it.

[andiohn]

I would love the ability to only give users album access and the whole gallery be restricted. For instance; my family can see pictures I mark in an album. Can´t see others.