+1

@Ninja-007 you also need this feature implemented in joomla ?

@Milglius Yes, I feel it is basic feature to preserve privacy. Without it, the Joomla will be in-conflict with EU GDPR.

Use the JCE Editor. You can add several profiles with different rights even per single user or group and ... or ... and .....

@ReLater Thanks for the reply. Well believe that there must be some extensions (like JCE Editor as you have sugegsted) which implements this fuctionality. Due to above mentioned reasons, I would like to see it in stock Joomla.

My two cents worth:

I don't think that Joomla conflicts with the GDPR but the website owners that let upload private images in an unprotected /images/ folder via editor, even if it is separated in several subfolders "owned" by a single user.

Things like that should have a more tricky privacy protection than just seemingly "private" directories in editors.

If there's a free well tested and supported 3rd editor out there (and other extensions) why a feature like this in core? Just some more settings/options ;-)

Joomla in core already have 3 editors and none of these core editors have this feature, but this feature is basic in many popular cms software

This feature is not an editor specific feature and shouldn't be tied to an editor in the first place. JCE offers additional functionality beyond just an editor.

Maybe here's a better place to post the feature request(?):
https://github.com/joomla-projects/media-manager-improvement/issues

@Milglius @mbabker @ReLater Thanks for your reply.

The issue can be looked in different directions.

1. Does it cause violation of GDPR?
   1.1. If yes then should we improve it or leave as it is?
   1.2. If no then should we consider it as an improvement?
2. What does it mean to website administrator and users?

My answers

1. Yes it does cause violation of GDPR. The whole concept of GDPR is based on explicit data- view and retain consents by owner of the data. It will be really hard to get permission of user to keep his data visible to every user on the site. If site admin does not take the explicit consent user then he will be liable to legal action.
   1.1 Yes, we should fix it. The feature is basic and present in other CMS.
   1.2 Yes, we should.

2. Lets keep the GDPR out from it. The media manager can have private data like pictures, salary details, passports etc which cause problems (e.g. identity theft, blackmail etc.) to owner if they fall in wrong hands.

@Milglius Please consider moving the request to the mediamanager repo. @ReLater thanks.

All I wanted to say above is: It's not the job of Joomla core to protect any website against any thinkable GDPR violation. There are too many corners where violations could occur if a site owner builds a website with "strange" features. That's a bottomless pit.

If site admin does not take the explicit consent user then he will be liable to legal action.

That's exactly the point I'm talking about. YOU have to ask for consent and log it! And let folks remove their datas if they ask YOU to remove them. Joomla since 3.9 can help you to manage this.

The Joomla standard folder /images/ is NEVER the correct place to save not public "private data like pictures, salary details, passports". What a bad idea.

You need specialised, more or less restrictive, extensions for things like that, that keep these datas reliably closed.

So, the GDPR argument doesn't count for me here.

But yes, it would be a nice feature to protect media folders from chaos.
That's why I use the JCE package and all of it's features and extensions ;-) But I never would say that it would be sufficient to protect me against GDPR violations in any case where users are crazy enough to upload sensitive datas in a simple media folder. Or I'm the crazy one to ask them to upload these datas there.

@ReLater Thansk for the reply.

These are initial requirements which I can think right now. Based on replies of other people, we can evolve them.

1. This proposed folder structure.
   -Root (e.g. /images)
   --Group
   ---individual folder of each group (e.g. Public, SuperUser, Registered, Guest, ...)
   --ACL
   ---individual folders of each ACL (e.g. Special, SuperUser, ...)
   --Users
   ---individual folders of each user. (e.g. David, blabla, ...)
   -Site bin It is bin for deleted folders. It is accessible to only SuperUser.

2. The folders should be created on corresponding item creation/activation. For example, when new user is enabled and activated, then his folder should be created.

3. User folder should be deleted when user account is deleted. Same is true for ACL and group folders. The deleted folders will go to site bin.

4. User will see only his folder, ACL folder and group folder. He can add new files/folders, edit current ones, delete etc.
   For example: User called Donald who is in Editor, Registered groups and Liberty ACL will see following structure.
   -/
   -Group
   --Editor
   ---Bin
   --Registered
   ---Bin
   -ACL
   --Liberty
   ---Bin
   -User
   --Donald
   ---Bin

Bin

1. There should be a bin for deleted folders. It should keep their data for 30 days or till manual clearance of the bin.
2. Every user, group and ACL folder will have own bin. When they delete something from their own folder, it should go their bin.
3. Every site has site bin which is accessible to superuser.
4. Bin folder cannot be deleted.

Problem use cases:

1. Rename of groups, ACL and usernames will break links.
2. Creation and deletion of file or folder with same name may create problem for bin. It can be handled by attaching timestamp to the name to make them unique.

Now i agree that without this feature (When uploading image in frontend allow users to see only their media files and not others. Restrict Media Library Access to User’s Own Uploads) there is nothing to protect media folders and pictures from chaos in Joomla core.

What are main obsticles that prevents implementing this feature in joomla core?

What are main obsticles that prevents implementing this feature in joomla core?

To find a volunteer who thinks that this feature is worth to be programmed, tested, corrected and implemented. A time-consuming action.

What I wanted to know is What are main obsticles in the joomla 3.9 core code that prevents implementing this feature in joomla core?

I don't know. To investigate that is one big part of the time-consuming action if you want to implement a complex feature in an existing and forward going system like Joomla. It has to be compliant with all thinkable editors that use the media manager, must be B\C. Where and how to configure it. And so on.

What I wanted to know is What are main obsticles in the joomla 3.9 core code that prevents implementing this feature in joomla core?

Joomla core does not have the concept of a media library with file attributes and ACL restrictions. The media manager is nothing more than a fancy interface that loops over all objects in a directory and shows them with appropriate icons/actions. Creating an ACL restricted system in part means creating a media library in your database with information about uploads to be able to implement ACL restrictions, implementing support for this type of feature is a major tasking for a volunteer.

So jce implemented this concept ?
@mbabker
Maybe joomla core should make it in plugin ?

When you activate the plugin it disables the ability for users to see or access other members images.
This is really good because maybe you have Authors, Contributors and Subscribers that writes posts etc. and you do not want them to be able to use or see other members media files to their own content.
To test it out create 3 users, 1 Admin and 2 Author's for an example. As Admin you are able to see all media files from all the users on the site.
Upload some photos or other media files as Admin. Log out Login as Author 1 and click on the Add Media button for an post or a page. Now you do not see any media files at all. If the plugin was inactivated you would be able to see the photos that the Admin uploaded. Now, upload some photos as Author 1. Log out. Repeat step 2 for Author 2. As you can see Author 2 cannot see the files uploaded from the Admin and from the Author 1.

I don't use JCE myself so I don't know what they did to create such a feature. All I know is it is not a simple feature to implement because Joomla does not save anything about the images directory in the database, and THAT is a prerequisite to be able to fully implement ACL around the media manager.

So now if you have 50 or 1000 authors Joomla core is unable to manage their images and you get chaos ?
Joomla core 3.9.2 media maneger problems:

1. Every time you download all images.
2. It is almost imposible to find the image one uploaded.

@mbabker I am right or still missing something?

Is media manager development team working on this problem for joomla 4 ?

If there are extensions (like apparently JCE) which offer that functionality, what's the problem? Just install that. That's what extensions are for.

@Bakual Which extension offer this functionality when uploading and inserting images allow users to see only their media files and not others ? It doesnt seem that Jce can offer this functionality

@Milglius There are several extensions allowing that. Just have in mind these are mainly for article images and that those same users might see full content of image folder/media library when elsewhere in joomla. That because of the reasons Michael mentioned above.

Some examples of extensions providing what you ask for:
JCE: https://www.joomlacontenteditor.net/support/tutorials/editor/setting-the-file-directory-path
Ark: https://arkextensions.com/documentation/ark-editor/147-editor-user-folders
and Page builder CK: https://www.joomlack.fr/en/blog/183-custom-media-folder-for-each-user

@ot2sen in the link you gave Jce image upload is disabled for security reasons ? For security reasons this site does not allow uploading image? What is the reason that even Jce developers do not trust this extension image upload? If its not secure on their demo site why it should be secure on our production site? Image upload is main reason for this New feature request.

Ark demo simply do not work. If it do not work on demo site why it should work on production site? Image upload is main reason for this New feature request.

Page builder CK demo do not exists, or I simply cant find it.

These are the reasons for New feature request.

@Milglius Developers have plenty of resaons to keep their demos clean and avoid it getting cluttered by what people could add to it. So some features may not be active in demos.

You can download and test where you can allow the feature to be active in your own environment.
It works, in the sense of users seeing only own images. As described above it is not full ACL restriction.

In JCE you have to define in the profiles a file path for "Image Manager" and/or "File Browser" plugin with placeholders like

$id - Will be replaced with the user ID
$username - Will be replaced with the user username
$usertype - Will be replaced with the user usertype eg: author
$profile - Will be replaced with the profile name
$year - Will be replaced with current year, eg: 2010
$month - Will be replaced with current month number, eg: 06
$day - Will be replaced with the day number, eg: 10

You can define several JCE profiles with lots of switches where they shall be used (frontend, backend, group, user, component...).
And you just need the free base package (named "Core") to do that.

If it do not work on demo site why it should work on production site?

Because many people use this feature successfully ;-)

@Milglius
Yo have placed your feature request. Anybody can read it and understand it. But like I said above. You have to wait until a volunteer is willing to spend the time for programming it. Why don't you start the project yourself?
In other words: What do you expect from whom if you're repeating your request again and again and again?
Joomla is OpenSource and based upon work of volunteers.

Thanks all of you for you replies.

I have two questions. Although they are not related to the issue directly.

1. Is there any quasi-democratic way to decide the feature requests? How is it done now?

2. Are there any guidelines for deciding features in core, core extensions and for third party extensions ?

Is there any quasi-democratic way to decide the feature requests? How is it done now?

There is no such way at all. There is no central instance which decides which features are built and which aren't. It's more like ideas float around until someone feels interested enough to pick it up and build it.

At the end of the day an idea is just an idea until someone writes some code.

as @ReLater mentioned code is already written in JCE and he claims that many people use this feature successfully ;-)

nd Joomla in core already have 3 editors and none of these core editors have this feature, but this feature is basic in many popular cms software, I think that joomla core shoudn't lag so behind using outdated editors and it feels interested enough to many people to use this feature.

Do we need to do pull request to implement this feature?

Do we need to do pull request to implement this feature?

Yes

nd Joomla in core already have 3 editors and none of these core editors have this feature

This is not an editor specific feature. Implementing it should not be coupled to an editor, it should be designed around the existing core media manager and all of its integration points. JCE may include the feature as part of its package because core doesn't offer such a feature, but that does not mean that the core feature should only be implemented as part of the TinyMCE editor and users of CodeMirror or any other third party editor be excluded.

Who can make pull request and is willing to do so?

Thanks to @Ninja-007 , @ReLater , @mbabker , @Bakual , @ot2sen and others we know a lot, but now we all need a pull request to see how it gets along in real world not in teory.

Maybe someone knows if new media manager teem is working on this issue? Their last report is more then a year old, please update us on whats going on, we dont want to develop features which new media team is devoloping for years, we want to contribute for the project development

To the best of my knowledge there is no further work being done on the media manager in terms of features

@laoneo can you please Comment?

who is responsible for the media manager features ?

https://volunteers.joomla.org/teams/new-media-manager-team

Who can make pull request and is willing to do so?

Thanks to @Ninja-007 , @ReLater , @mbabker , @Bakual , @ot2sen and others we know a lot, but now we all need a pull request to see how it gets along in real world not in teory.

Anyone can make a pull request, including yourself. Not all pull requests are accepted. So you should discuss it first to make sure it is worth your time creating a pull request. It may be that after looking at it the use case is not for the majority, which would be a reason it may not be accepted.

I definitely see the use myself, but that doesn't mean everyone would use it. I'd like to see a lot done with the media manager, but I don't have time or skills to do these things myself, so they don't happen.

Finding someone willing to create your feature request and complete a pull request is harder. It's not a small job you are asking for. Given that people are volunteering and doing it in their spare time, they often choose a project that they are interested in. The best place to look would be Glip I think. I don't know how you would get access to Glip, but perhaps someone here can advise. Don't expect to just ask and have a flood of volunteer free coders. But if you develop the idea and encourage people to join in then you may get some interest. It's likely there will be some work for you in this feature request, such as defining the scope fully.

At the end of all this you may find that it's simply quicker and easier to use one of the already available options such as JCE Editor. I'm not trying to put you off or discourage you, but I'm trying to set realistic expectations for how things work.

This should be closed

So was this feature implemented? Or request just closed couse joomla developers just dont care about joomla users? Brian you made a pull request for this feature ?

This should be opened

please read message it already in j4 (maybe in end this year)
no feature for j3 are planned
if you need for j3 check jed ... a simple search on google => https://kubik-rubik.de/de/eir-easy-image-resizer

@Milglius it's not about caring. There are a lot of Joomla! users. And developers working for free in their spare time. It's not sustainable to implement everyone's idea. Isn't it great that this is being implemented in J4 and isn't it great the guys at JCE have taken their time to build this.

please read message it already in j4 (maybe in end this year)
no feature for j3 are planned
if you need for j3 check jed ... a simple search on google => https://kubik-rubik.de/de/eir-easy-image-resizer

If it is in J4 then it will be great. There is no point in adding in J3, as it is maintenance release.

@micker @Ninja-007
Confusion with the other topic concerning image size ;)
As far as I know ACL for media are not implemented and no one is working on this.

Whoops. Even so JCE offers a solution so that's great. €25 is very reasonable for all the additional benefits you get. @Milglius you seem dead against trying JCE, but it really is a great tool.

@uglyeoin I agree JCE is good tool, but now we dont have money for Pro version. Maybe in the futute we'll have.

We need to implement image resize feature in JCE Core Editor on upload.

for example then user uploads a 5Mb photo plugin that should automaticaly resize that photo to 200Kb or 70% smaller the file size?

how to implement this feature ?

can we have this feature in JCE core Editor ?

Our users think its a basic feature of a modern editor, and should be included in each JCE core edition.

So as I understand our only option now is to create our own free open source plugin for JCE core edition to have this feature - resize joomla article image on upload?

@Milglius Unfortunately JCE is a commercial extension, and with the greatest of respect, you are being quite demanding in thinking they should give it to you for free, or to save you paying €30 someone else should code you the equivalent. Joomla! is a modern CMS, everyone has different uses.

For things like your questions you should be going to the forum and not to Github, you would find many answers, some free, some paid, but lots of ideas. I don't have this use so I can't advise you. I do things differently and use srcset.

Nobody has suggested this, but you could develop a custom open source plugin. I think it would be cheaper and less time consuming to buy the JCE version, but that is a decision for you to make if you don't have the €30 budget and your users need this.

You could even submit it to the core so everyone has access to it in Joomla! core. It doesn't have to be JCE it could be TinyMCE which is great, and comes for free with Joomla! core. I think that would be an amazing contribution and a great way to say thanks for all the free software the other contributors are writing that goes into Joomla.

This thread is about permissions not about about resizing, but an answer to what looks to be free software was posted https://kubik-rubik.de/en/eir-easy-image-resizer. There are lots of free bits of software in Joomla! Aren't people like Victor Vogel amazing to create this software and save you €30? It must have been a good number of hours/days work to create this. If you use it, you could leave a helpful review on the JED to say thanks, or tweet about it to give him some coverage and encourage him to keep creating useful software.

@uglyeoin In that case acording to you logic joomla also should be paid for example 30€

if someone wants to help us to create JCE core Editor plugin free and open source please contact me
we think that way we all contribute to joomla in best way : implement image resize feature in JCE Core Editor on upload as free plugin.

@uglyeoin and regarding for arvertised rubik plugin its free only for images up 100 kb if you have 5 MB image you need to buy paid version.

Theus who think that joomla should be free and image resize on upload should be free please join

https://github.com/Milglius/resizeonupload

Your help is moust wanted.

We want to give for all joomla users plugin for free.

We need to stop discussion on this thread. More than enough solutions are provided.

these above provided solutions dont work or are paid

so no free working solution provided

here we can create solution

https://github.com/Milglius/resizeonupload

Issue locked. Thanks to all.