We have several organizations and several users per organization in our application. We would like to create several albums with photos for each organization. There will be an admin who will have app specific permission to create these albums and all users should be able to view them. Note: Use开发者_JS百科rs from other organizations should not be able to view these photos. Users mentioned here don't have google accounts and have their own custom authentication.
I was planning to have a user/password credential in google per organization which will allow us to post photos into picasaweb.
We are aware that picasaweb uses OAuth to authenticate users, would it be possible to do this via an API token so that user need not provide the auth credentials every time they want to upload a photo. Note: We will upload photos using the Java API and not directly inside the portal.
How can we ensure that only users from this Organization are able to view these photos.
I haven't got a response to my thread in the picasaweb mailing list
That's an interesting one... It sounds like you'll need to be saving a full set of permissions that are entirely separate from Google, but linked to individual image IDs from Picasa.
Why not set up some tables in your auth database that links userIDs to the IDs of images that they are allowed to access? If you want something less granular, you can just set up organization-specific groups and link the users to organizations which are then linked to a collection of images that they are allowed to view. (This is all under the assumption that all of these photos are viewed and uploaded through your application interface rather than through Picasa)
When an admin user uploads a photo through your app, pull the list of organizations or users and allow the admin to select who has access to it. When the photo is sent to google, pull the ID of the image and save it to your database. This allows you to keep your photos organized however you'd like in Picasa, but still gives you full control of how those photos are accessed through your app.
You CAN use a session token to sign in with and use it for extended periods, though I am not sure how far you can stretch it's use (ie: throughout multiple organizations?). You can read up on it here: http://code.google.com/apis/accounts/docs/AuthSub.html
General Picasa development info which you've probably already gone over: http://code.google.com/apis/picasaweb/docs/2.0/developers_guide_protocol.html
Hope this helps point you in the right direction. Good luck.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论