Indicator for "private" files

[chillu]

trafficstars

Overview

We've identified a few inconsistencies with private file handling: https://github.com/silverstripe/silverstripe-assets/issues/220 and https://github.com/silverstripe/silverstripe-assets/issues/221. In order to ensure private files (access protected through canView) can be handled safely in the CMS, we need to inform users on how those files differ from others, and what the implications are.

Acceptance Criteria

• As an author selecting existing images and files for my website content, I can tell when the selected item isn't available for everyone because the file is "private" (access restricted) or "protected (draft)
• This behaviour applies to file browsing as part of embedding in HTML, associating as relationships, and managing files (asset admin)
• Both "private" and "protected" files are sufficiently explained in userhelp
• There is an explanation on how those files are different in the CMS context, and it links to userhelp

Notes

• Should not significantly slow down file browsing performance
• Does not need to notify users when restricting files which are already associated with content
• Should use an "anonymous canView" check rather than looking at database permissions, in order to catch any extensions to File->canView

[chillu]

@silverstripeux I'm wondering how we can achieve this. A "lock" icon on each file with hover info, and some accessible fallback that doesn't get read out on every file? Keep in mind that a file can both be protected (draft) and private (access restricted). I'd be fine if we just pick one of these icons, rather than add "multi icon" support or something.

There's more we could do: Notify you when you unpublish, access restrict or delete a file that's already associated to content. That's imperfect at best of times, since we don't comprehensively track those relationships, and what counts as "used in website content". I'm putting this in the "too hard" basket for now.