Versions Compared

Old Version 14

changes.mady.by.user Nick Sellen

Saved on

compared with

New Version Current

changes.mady.by.user Nick Sellen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note

We structure the permissions definitions in terms of questions to be answered. The permissions below are what we are actually implementing in the code right now.

 

Wall

Permissions are for the wall itself, not the wall posts. If the user has permission on the wall, they have the permission on all the wall posts too.

, a checkbox means we have implemented it (smile)

Wall Post

    
Wall ContextConditioncreate postcomment on postreadeditmoderatedeleteadminx 
Useralways
  •  owner of wall
  •  registered users
  •  userowner of wall
  •  owner of post
  •  
  • owner of wall
  •  owner of post
 
  if profile visibility "public"  
  •  everyone
   
   if profile visibility "registered users"  
  •  registered users
    
 if profile visibility "communities"  
  •  communities of user
   
  if profile visibility "connected users"  
  •  users connections
    
 if profile visibility "private"  
  •   
   
Groupalways
  •  members
  •  members
  •  members
  •  owner of post
  •  owner of post
  •  (more via teams)
 
 teams     
  •  with x wall action

Group

Users in a group don't have any special permissions. To have any permission they need to be in a team with the appropriate action.

  •  members
TypeConditioncreatedeleteeditjoinmanage teamsx 
Communityalways
  •  registered users
  •  users in team with "superadmin" action
  •  
  • users in team with "superadmin" action
  •  registered users
  •  users in team with "superadmin" action
  
All groupsalways
  •  users in group team with "create" action
  •  users in group team with "delete" action
   
  •  with x group action
 

Group Actions

is_content_included_in_parent" on group 
ActionDescription
editrename group, change description, change picture, change category of group, keywords, change region
manage teamscreate new team, edit team, delete team, add action, remove action (note: at some point we need to distinguish which actions are able to be granted, e.g. POSSIBLY if you can "  
  •  members of all parents
 manage teams" yourself, this should not let you give others the "manage teams" permission... needs more discussion... can an admin make other people admin?)

Group team defaults

When a subgroup is created, it will have some teams and actions created by default.

Team Namecreatedeleteeditmanage teams  
admin✓?✓?   
superadmin✓?✓?✓?✓?  

 

Not represented things

  • if the wall is for a team, and the team is for a group, and that group has another team with "<some kind of special super admin>" permission, then:
    • TBC