...
Note |
---|
We structure the permissions definitions in terms of questions to be answered. The permissions below are what we are actually implementing in the code right now. |
Wall
Permissions are for the wall itself, not the wall posts. If the user has permission on the wall, they have the permission on all the wall posts too.
, a checkbox means we have implemented it |
Wall Post
Wall Context | Condition | create post | comment on post | read | edit | moderate | delete | admin | x | ||
---|---|---|---|---|---|---|---|---|---|---|---|
User | always |
|
|
|
|
| |||||
if profile visibility "public" |
| ||||||||||
if profile visibility "registered users" |
| ||||||||||
if profile visibility "communities" |
| ||||||||||
if profile visibility "connected users" |
| ||||||||||
if profile visibility "private" | |||||||||||
Group | always |
|
|
|
|
| |||||
teams |
|
Group
Users in a group don't have any special permissions. To have any permission they need to be in a team with the appropriate action.
Type | Condition | create | delete | edit | join | manage teams | x | |
---|---|---|---|---|---|---|---|---|
Community | always |
|
|
|
|
| ||
All groups | membersalways |
|
|
|
Group Actions
Action | Description | |
---|---|---|
edit | rename group, change description, change picture, change category of group, keywords, change region | |
manage teams | create new team, edit team, delete team, add action, remove action (note: at some point we need to distinguish which actions are able to be granted, e.g. POSSIBLY if you can "manage teams" yourself, this should not let you give others the "manage teams" | is_content_included_in_parent" on grouppermission... needs more discussion... can an admin make other people admin?) |
Group team defaults
When a subgroup is created, it will have some teams and actions created by default.
Team Name | create | delete | edit | manage teams | ||
---|---|---|---|---|---|---|
admin | ✓ | ✓? | ✓? | |||
superadmin | ✓? | ✓? | ✓? | ✓? |
Not represented things
- if the wall is for a team, and the team is for a group, and that group has another team with "<some kind of special super admin>" permission, then:
- TBC