IsolatedSites

By Área de Tecnología Educativa Allows filtering out items from sites user where has no role from the admin browse page in Omeka S
Download v1.0.2

IsolatedSites Module for Omeka S

The IsolatedSites module enhances the Omeka S admin experience by allowing users to only view content (items, item sets, assets, and sites) they are explicitly permitted to access.
This improves clarity, security, and usability in multi-site, multi-user environments.

✨ Features

  • User Settings Extension:
  • Two new options are added in each user's settings (Profiles β†’ User Settings):
    • πŸ”’ Limit to granted sites:
    • Items and Item Sets assigned to sites where the logged-in user has no role are filtered out from the admin browse pages.
    • In the Admin Dashboard and under the "Sites" navigation menu, only the sites where the user has assigned roles are shown.
    • πŸ“„ Limit assets list to my own assets:
    • Assets not owned by the logged-in user are hidden from the admin browse page.
  • Automatic Filtering:
  • When enabled, content filtering is automatic without requiring any manual user action.
  • Admin Exemption:
  • Global administrators retain unrestricted access to all content, regardless of the settings.
  • Docker Compose for Easy Testing:
  • A simple Docker environment is included for fast testing and development.

πŸš€ Installation

Manual Installation

  1. Download the latest release from GitHub.
  2. Extract the ZIP file into your Omeka S modules directory.
  3. In the Omeka S Admin Panel, navigate to Modules, find IsolatedSites, and click Install.

Using Docker (for testing)

A docker-compose.yml file is provided:

# Make sure you have Docker and Docker Compose installed
git clone https://github.com/ateeducacion/omeka-s-IsolatedSites.git
cd omeka-s-IsolatedSites
make up

  • Wait for the containers to start (this may take a minute).

  • Access Omeka S at http://localhost:8080.

  • Finish installation via the web installer and log in as admin.

πŸ› οΈ Usage

After installing the module:

  1. Go to Profiles β†’ User Settings.
  2. Enable the options:
  3. Limit to granted sites
  4. Limit assets list to my own assets
  5. Save changes.

Depending on the settings enabled, the admin interface will be dynamically filtered to show only the permitted resources.

πŸ“‹ Requirements

  • Omeka S version 4.x or later
  • PHP 7.4 or newer
  • Composer (only for building or developing)

🧩 Technical Notes (Summary)

  • New User Settings: Two flags are added per user:
  • limit_to_granted_sites
  • limit_to_own_assets
  • Event Listeners:
  • Listeners attached to api.search.query events filter the resources dynamically at query time.
  • API event listeners handle custom settings in user API operations.
  • Resource Filters:
  • Items: Filtered based on granted sites.
  • Item Sets: Filtered based on granted sites.
  • Assets: Filtered based on ownership.
  • Sites: Filtered based on granted site permissions.
  • Admin Users: Administrators are exempt from restrictions.
  • API Integration: Custom user settings are accessible through both REST API and PHP API.
  • No Permission Changes: This module only changes admin UI visibility and adds API access to custom settings, it does not alter underlying Omeka S permission checks.

πŸ”Œ API Integration

The custom user settings (limit_to_granted_sites, limit_to_own_assets) are fully integrated with Omeka-S API:

REST API Usage

Reading user data (GET /api/users/{id}):

{
  "o:id": 1,
  "o:name": "John Doe",
  "o:email": "john@example.com",
  "o:role": "editor",
  "o:is_active": true,
  "o-module-isolatedsites:limit_to_granted_sites": true,
  "o-module-isolatedsites:limit_to_own_assets": false
}

Updating user data (PUT /api/users/{id}):

{
  "o:name": "Updated Name",
  "o-module-isolatedsites:limit_to_granted_sites": false,
  "o-module-isolatedsites:limit_to_own_assets": true
}

PHP API Usage

Using Service Manager in $service and api in $api Omeka/ApiManager $response = $api->read('users', $ID); $user = $response->getContent(); $userSettingsService = $services->get('Omeka\Settings\User'); $userSettingsService->setTargetId($user->id());

$userSettingsService->get('limit_to_granted_sites', false) $userSettingsService->get('limit_to_own_assets', false)

Updating settings:

$api->update('users', 1, [
    'o:name' => 'Updated Name',
    'o-module-isolatedsites:limit_to_granted_sites' => true,
    'o-module-isolatedsites:limit_to_own_assets' => false
],[],'isPartial'=> true);

Note: For PHP API calls, custom settings must be accessed via getJsonLd() or helper methods. See API_INTEGRATION_README.md for complete documentation.

πŸ“„ License

This module is released under the GNU General Public License v3.0 (GPL-3.0).

πŸ“¬ Support

For questions, suggestions, or contributions, please open an Issue or submit a Pull Request.

Version Released Minimum Omeka version
v1.0.2September 25, 2025 [info]^3.0.0 || ^4.0.0
v1.0.1July 22, 2025 [info]^3.0.0 || ^4.0.0
v1.0.0April 28, 2025 [info]^3.0.0 || ^4.0.0