aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--doc/hidden_configs.bb308
-rw-r--r--doc/permissions.bb108
2 files changed, 128 insertions, 288 deletions
diff --git a/doc/hidden_configs.bb b/doc/hidden_configs.bb
index 5bb7454ec..6e093dbfc 100644
--- a/doc/hidden_configs.bb
+++ b/doc/hidden_configs.bb
@@ -1,10 +1,7 @@
-[b]Advanced Configurations for Administrators[/b]
-
+[h1]Advanced Configurations for Administrators[/h1]
$Projectname contains many configuration options hidden from the main admin panel.
-These are generally options considered too niche, confusing, or advanced for
-the average member. These settings can be activated from the the top level web
-directory with the syntax
+These are generally options considered too niche, confusing, or advanced for the average member. These settings can be activated from the the top level web directory with the syntax
[code]util/config cat key value[/code]
for a site configuration, or
@@ -13,221 +10,96 @@ for a site configuration, or
for a member configuration.
This document assumes you're an administrator.
+[h2]pconfig[/h2][dl terms="mb"]
+ [*= system.always_my_theme ] Always use your own theme when viewing channels on the same hub. This will break in some quite imaginative ways when viewing channels with theme dependent Comanche.
+ [*= system.blocked ] An array of xchans blocked by this channel. Technically, this is a hidden config and does belong here, however, addons (notably superblock) have made this available in the UI.
+ [*= system.default_cipher ] Set the default cipher used for E2EE items.
+ [*= system.display_friend_count ] Set the number of connections to display in the connections profile widget.
+ [*= system.do_not_track ] As the browser header. This will break many identity based features. You should really just set permissions that make sense.
+ [*= system.forcepublicuploads ] Force uploaded photos to be public when uploaded as wall items. It makes far more sense to just set your permissions properly in the first place. Do that instead.
+ [*= system.network_page_default ] Set default params when viewing the network page. This should contain the same querystring as manual filtering.
+ [*= system.paranoia ] Sets the security level of IP checking. If the IP address of a logged-in session changes apply this level to determine if the account should be logged out as a security breach.
+Options are:
+ 0 — no IP checking
+ 1 — check 3 octets
+ 2 — check 2 octets
+ 3 — check for any difference at all
-[b]pconfig[/b]
- [b]system.user_scalable[/b]
- Determine if the app is scalable on touch screens. Defaults to on, to
- disable, set to zero - real zero, not just false.
- [b]system.always_my_theme[/b]
- Always use your own theme when viewing channels on the same hub. This
- will break in some quite imaginative ways when viewing channels with
- theme dependent Comanche.
- [b]system.paranoia[/b]
- Sets the security level of IP checking. If the IP address of a logged-in session changes
- apply this level to determine if the account should be logged out as a security breach.
- Options are:
- 0 - no IP checking
- 1 - check 3 octets
- 2 - check 2 octets
- 3 - check for any difference at all
- [b]system.prevent_tag_hijacking[/b]
- Prevent foreign networks hijacking hashtags in your posts and directing them at its own resources.
- [b]system.blocked[/b]
- An array of xchans blocked by this channel. Technically, this is a
- hidden config and does belong here, however, addons (notably
- superblock) have made this available in the UI.
- [b]system.default_cipher[/b]
- Set the default cipher used for E2EE items.
- [b]system.network_page_default[/b]
- Set default params when viewing the network page. This should contain
- the same querystring as manual filtering.
- [b]system.display_friend_count[/b]
- Set the number of connections to display in the connections profile
- widget.
- [b]system.taganyone[/b]
- Requires the config of the same name to be enabled. Allow the @mention tagging
- of anyone, whether you are connected or not. This doesn't scale.
- [b]system.startpage[/b]
- Another of those technically hidden configs made available by addons.
- Sets the default page to view when logging in. This is exposed to the
- UI by the startpage addon.
- [b]system.forcepublicuploads[/b]
- Force uploaded photos to be public when uploaded as wall items. It
- makes far more sense to just set your permissions properly in the first
- place. Do that instead.
- [b]system.do_not_track[/b]
- As the browser header. This will break many identity based features.
- You should really just set permissions that make sense.
-
-[b]Site config[/b]
- [b]system.taganyone[/b]
- Allow the @mention tagging of anyone whether you are connected or not.
- [b]system.directorytags[/b]
- Set the number of keyword tags displayed on the directory page. Default is 50 unless set to a
- positive integer.
- [b]system.disable_directory_keywords[/b]
- If '1', do not show directory keywords. If the hub is a directory server, prevent returning
- tags to any directory clients. Please do not set this for directory servers in the RED_GLOBAL realm.
- [b]system.disable_dreport[/b]
- If '1', don't store or link to delivery reports
- [b]system.startpage[/b]
- Set the default page to be taken to after a login for all channels at
- this website. Can be overwritten by user settings.
- [b]system.projecthome[/b]
- Set the project homepage as the homepage of your hub. (Obsolete)
- [b]system.auto_channel_create[/b]
- Add the necessary form elements to create the first channel on the account registration page, and create it
- (possibly following email validation or administrator approval). This precludes the ability to import a channel
- from another site as the first channel created on this site for a new account.
- Use with system.default_permissions_role to streamline registration.
- [b]system.default_permissions_role[/b]
- If set to a valid permissions role name, use that role for
- the first channel created by a new account and don't ask for the "Channel Type" on
- the channel creation form. Examples of valid names are: 'social', 'social_restricted', 'social_private',
- 'forum', 'forum_restricted' and 'forum_private'.
- Read more about permissions roles [zrl=[baseurl]/help/roles]here[/zrl].
- [b]system.default_photo_profile[/b]
- Set the profile photo that new channels start with. This should contain the name of a directory located
- under [font=courier]images/default_profile_photos/[/font], or be left unset. If not set then 'rainbow_man' is assumed.
- [b]system.workflow_channel_next[/b]
- The page to direct new members to immediately after creating a channel.
- [b]system.workflow_register_next[/b]
- The page to direct members to immediately after creating an account (only when auto_channel_create or UNO is enabled).
- [b]system.max_daily_registrations[/b]
- Set the maximum number of new registrations allowed on any day.
- Useful to prevent oversubscription after a bout of publicity
- for the project.
- [b]system.tos_url[/b]
- Set an alternative link for the ToS location.
- [b]system.block_public_search[/b]
- Similar to block_public, except only blocks public access to
- search features. Useful for sites that want to be public, but
- keep getting hammered by search engines.
- [b]system.proc_run_use_exec[/b]
- If 1, use the exec system call in proc_run to run background tasks. By default
- we use proc_open and proc_close. On some (currently rare) systems this does not work well.
- [b]system.paranoia[/b]
- As the pconfig, but on a site-wide basis. Can be overwritten
- by member settings.
- [b]system.transport_security_header[/b]
- if non-zero and SSL is being used, include a strict-transport-security header on webpages
- [b]system.poke_basic[/b]
- Reduce the number of poke verbs to exactly 1 ("poke"). Disable other verbs.
- [b]system.openssl_conf_file[/b]
- Specify a file containing OpenSSL configuration. Needed in some Windows installations to
- locate the openssl configuration file on the system.
- Read the code first. If you can't read the code, don't play with it.
- [b]system.optimize_items[/b]
- Runs optimise_table during some tasks to keep your database nice and
- defragmented. This comes at a performance cost while the operations
- are running, but also keeps things a bit faster while it's not.
- There also exist CLI utilities for performing this operation, which you
- may prefer, especially if you're a large site.
- [b]system.expire_limit[/b]
- Don't expire any more than this number of posts per channel per
- expiration run to keep from exhausting memory. Default 5000.
- [b]system.dlogfile[/b]
- Logfile to use for logging development errors. Exactly the same as
- logger otherwise. This isn't magic, and requires your own logging
- statements. Developer tool.
- [b]system.authlog[/b]
- Logfile to use for logging auth errors. Used to plug in to server
- side software such as fail2ban. Auth failures are still logged to
- the main logs as well.
- [b]system.hide_in_statistics[/b]
- Tell the red statistics servers to completely hide this hub in hub lists.
- [b]system.reserved_channels[/b]
- Don't allow members to register channels with this comma separated
- list of names (no spaces)
- [b]system.auto_follow[/b]
- Make the first channel of an account auto-follow channels listed here - comma separated list of webbies (member@hub addresses).
- [b]system.admin_email[/b]
- Specifies the administrator's email for this site. This is initially set during install.
- [b]system.cron_hour[/b]
- Specify an hour in which to run cron_daily. By default with no config, this will run at midnight UTC.
- [b]system.minimum_feedcheck_minutes[/b]
- The minimum interval between polling RSS feeds. If this is lower than the cron interval, feeds
- will be polled with each cronjob. Defaults to 60 if not set. The site setting can also be over-ridden
- on a channel by channel basis by a service class setting aptly named 'minimum_feedcheck_minutes'.
- [b]system.blacklisted_sites[/b]
- An array of specific hubs to block from this hub completely.
- [b]system.ignore_imagick[/b]
- Ignore imagick and use GD, even if imagick is installed on the server. Prevents some issues with PNG files in older versions of imagick.
- [b]system.no_age_restriction[/b]
- Do not restrict registration to people over the age of 13. This carries legal responsibilities in
- many countries to require that age be provided and to block all personal information from minors,
- so please check your local laws before changing.
- [b]system.override_poll_lockfile[/b]
- Ignore the lock file in the poller process to allow more than one process to run at a time.
- [b]system.projecthome[/b]
- Display the project page on your home page for logged out viewers.
- [b]system.sellpage[/b]
- A URL shown in the public sites list to sell your hub - display service classes, etc.
- [b]randprofile.check[/b]
- When requesting a random profile, check that it actually exists first
- [b]randprofile.retry[/b]
- Number of times to retry getting a random profile
- [b]system.photo_cache_time[/b]
- How long to cache photos, in seconds. Default is 86400 (1 day).
- Longer time increases performance, but it also means it takes longer for changed permissions to apply.
- [b]system.poco_rating_enable[/b]
- Distributed reputation reporting and data collection may be disabled. If your site does not participate
- in distributed reputation you will also not be able to make use of the data from your connections on
- other sites. By default and in the absence of any setting it is enabled. Individual members can opt out
- by restricting who can see their connections or by not providing any reputation information for their
- connections.
- [b]system.register_link[/b]
- path to direct to from the "register" link on the login form. On closed sites this will direct to
- 'pubsites'. For open sites it will normally redirect to 'register' but you may change this to a
- custom site page offering subscriptions or whatever.
- [b]system.max_import_size[/b]
- If configured, the maximum length of an imported text message. This is normally left at 200Kbytes
- or more to accomodate Friendica private photos, which are embedded.
- [b]system.tempdir[/b]
- Place to store temporary files (currently unused), default is defined in the PHP configuration
- [b]system.uploaddir[/b]
- Location to upload files (default is system.tempdir, currently used only by js_upload plugin)
- [b]system.disable_discover_tab[/b]
- This allows you to completely disable the ability to discover public content from external sites.
- [b]system.sys_expire_days[/b]
- How many days to keep discovered public content from other sites
- [b]system.openssl_encrypt[/b]
- Use openssl encryption engine, default is false (uses mcrypt for AES encryption)
- [b]system.max_tagged_forums[/b]
- Spam prevention. Limits the number of tagged forums which are recognised in any post.
- Default is 2. Only the first 'n' tags will be delivered as forums, the others will not cause any delivery.
- [b]system.hide_help[/b]
- Don't display help documentation link in nav bar
- [b]system.expire_delivery_reports[/b]
- Expiration in days for delivery reports - default 10
- [b]system.platform_name[/b] *
- What to report as the platform name in webpages and statistics. (*) Must be set in .htconfig.php
- [b]system.hide_version[/b] *
- If true, do not report the software version on webpages and tools. (*) Must be set in .htconfig.php
- [b]system.hidden_version_siteinfo[/b]
- If true, do not report the software version on siteinfo pages (system.hide_version also hides
- the version on these pages, this setting *only* hides the version on siteinfo pages).
- [b]system.email_notify_icon_url[/b]
- URL of image (32x32) to display in email notifications (HTML bodies).
-
-[b]Directory config[/b]
-[b]Directory search defaults[/b]
- [b]directory.safemode[/b]
- 0 or 1.
- [b]directory.globaldir[/b]
- 0 or 1. Default 0. If you visit the directory on a site you'll just see the members of that site by default. You have to go through an extra step to see the people in the rest of the network; and by doing so there's a clear delineation that these people *aren't* members of that site but of a larger network.
- [b]directory.pubforums[/b]
- 0 or 1. Public forums *should* be default 0.
-[b]Directory server configuration (see [zrl=[baseurl]/help/directories]help/directories[/zrl])[/b]
- [b]system.directory_server[/b]
- [b]system.directory_primary[/b]
- [b]system.directory_realm[/b]
- [b]system.realm_token[/b]
- [b]system.directory_mode[/b]
-
-
+ [*= system.prevent_tag_hijacking ] Prevent foreign networks hijacking hashtags in your posts and directing them at its own resources.
+ [*= system.startpage ] Another of those technically hidden configs made available by addons. Sets the default page to view when logging in. This is exposed to the UI by the startpage addon.
+ [*= system.taganyone ] Requires the config of the same name to be enabled. Allow the @mention tagging of anyone, whether you are connected or not. This doesn't scale.
+ [*= system.user_scalable ] Determine if the app is scalable on touch screens. Defaults to on, to disable, set to zero - real zero, not just false.
+[/dl]
+[h2]Site config[/h2][dl terms="mb"]
+ [*= randprofile.check ] When requesting a random profile, check that it actually exists first
+ [*= randprofile.retry ] Number of times to retry getting a random profile
+ [*= system.admin_email ] Specifies the administrator's email for this site. This is initially set during install.
+ [*= system.authlog ] Logfile to use for logging auth errors. Used to plug in to server side software such as fail2ban. Auth failures are still logged to the main logs as well.
+ [*= system.auto_channel_create ] Add the necessary form elements to create the first channel on the account registration page, and create it (possibly following email validation or administrator approval). This precludes the ability to import a channel from another site as the first channel created on this site for a new account. Use with system.default_permissions_role to streamline registration.
+ [*= system.auto_follow ] Make the first channel of an account auto-follow channels listed here - comma separated list of webbies (member@hub addresses).
+ [*= system.blacklisted_sites ] An array of specific hubs to block from this hub completely.
+ [*= system.block_public_search ] Similar to block_public, except only blocks public access to search features. Useful for sites that want to be public, but keep getting hammered by search engines.
+ [*= system.cron_hour ] Specify an hour in which to run cron_daily. By default with no config, this will run at midnight UTC.
+ [*= system.default_permissions_role ] If set to a valid permissions role name, use that role for the first channel created by a new account and don't ask for the "Channel Type" on the channel creation form. Examples of valid names are: 'social', 'social_restricted', 'social_private', 'forum', 'forum_restricted' and 'forum_private'. Read more about permissions roles [zrl=[baseurl]/help/roles]here[/zrl].
+ [*= system.default_photo_profile ] Set the profile photo that new channels start with. This should contain the name of a directory located under [font=courier]images/default_profile_photos/[/font], or be left unset. If not set then 'rainbow_man' is assumed.
+ [*= system.directorytags ] Set the number of keyword tags displayed on the directory page. Default is 50 unless set to a positive integer.
+ [*= system.disable_directory_keywords ] If '1', do not show directory keywords. If the hub is a directory server, prevent returning tags to any directory clients. Please do not set this for directory servers in the RED_GLOBAL realm.
+ [*= system.disable_discover_tab ] This allows you to completely disable the ability to discover public content from external sites.
+ [*= system.disable_dreport ] If '1', don't store or link to delivery reports
+ [*= system.dlogfile ] Logfile to use for logging development errors. Exactly the same as logger otherwise. This isn't magic, and requires your own logging statements. Developer tool.
+ [*= system.email_notify_icon_url ] URL of image (32x32) to display in email notifications (HTML bodies).
+ [*= system.expire_delivery_reports ] Expiration in days for delivery reports - default 10
+ [*= system.expire_limit ] Don't expire any more than this number of posts per channel per expiration run to keep from exhausting memory. Default 5000.
+ [*= system.hidden_version_siteinfo ] If true, do not report the software version on siteinfo pages (system.hide_version also hides the version on these pages, this setting *only* hides the version on siteinfo pages).
+ [*= system.hide_help ] Don't display help documentation link in nav bar
+ [*= system.hide_in_statistics ] Tell the red statistics servers to completely hide this hub in hub lists.
+ [*= system.hide_version ] If true, do not report the software version on webpages and tools. (*) Must be set in .htconfig.php
+ [*= system.ignore_imagick ] Ignore imagick and use GD, even if imagick is installed on the server. Prevents some issues with PNG files in older versions of imagick.
+ [*= system.max_daily_registrations ] Set the maximum number of new registrations allowed on any day. Useful to prevent oversubscription after a bout of publicity for the project.
+ [*= system.max_import_size ] If configured, the maximum length of an imported text message. This is normally left at 200Kbytes or more to accomodate Friendica private photos, which are embedded.
+ [*= system.max_tagged_forums ] Spam prevention. Limits the number of tagged forums which are recognised in any post. Default is 2. Only the first 'n' tags will be delivered as forums, the others will not cause any delivery.
+ [*= system.minimum_feedcheck_minutes ] The minimum interval between polling RSS feeds. If this is lower than the cron interval, feeds will be polled with each cronjob. Defaults to 60 if not set. The site setting can also be over-ridden on a channel by channel basis by a service class setting aptly named 'minimum_feedcheck_minutes'.
+ [*= system.no_age_restriction ] Do not restrict registration to people over the age of 13. This carries legal responsibilities in many countries to require that age be provided and to block all personal information from minors, so please check your local laws before changing.
+ [*= system.openssl_conf_file ] Specify a file containing OpenSSL configuration. Needed in some Windows installations to locate the openssl configuration file on the system. Read the code first. If you can't read the code, don't play with it.
+ [*= system.openssl_encrypt ] Use openssl encryption engine, default is false (uses mcrypt for AES encryption)
+ [*= system.optimize_items ] Runs optimise_table during some tasks to keep your database nice and defragmented. This comes at a performance cost while the operations are running, but also keeps things a bit faster while it's not. There also exist CLI utilities for performing this operation, which you may prefer, especially if you're a large site.
+ [*= system.override_poll_lockfile ] Ignore the lock file in the poller process to allow more than one process to run at a time.
+ [*= system.paranoia ] As the pconfig, but on a site-wide basis. Can be overwritten by member settings.
+ [*= system.photo_cache_time ] How long to cache photos, in seconds. Default is 86400 (1 day). Longer time increases performance, but it also means it takes longer for changed permissions to apply.
+ [*= system.platform_name ] What to report as the platform name in webpages and statistics. (*) Must be set in .htconfig.php
+ [*= system.poco_rating_enable ] Distributed reputation reporting and data collection may be disabled. If your site does not participate in distributed reputation you will also not be able to make use of the data from your connections on other sites. By default and in the absence of any setting it is enabled. Individual members can opt out by restricting who can see their connections or by not providing any reputation information for their connections.
+ [*= system.poke_basic ] Reduce the number of poke verbs to exactly 1 ("poke"). Disable other verbs.
+ [*= system.proc_run_use_exec ] If 1, use the exec system call in proc_run to run background tasks. By default we use proc_open and proc_close. On some (currently rare) systems this does not work well.
+ [*= system.projecthome ] Display the project page on your home page for logged out viewers.
+ [*= system.projecthome ] Set the project homepage as the homepage of your hub. (Obsolete)
+ [*= system.register_link ] path to direct to from the "register" link on the login form. On closed sites this will direct to 'pubsites'. For open sites it will normally redirect to 'register' but you may change this to a custom site page offering subscriptions or whatever.
+ [*= system.reserved_channels ] Don't allow members to register channels with this comma separated list of names (no spaces)
+ [*= system.sellpage ] A URL shown in the public sites list to sell your hub - display service classes, etc.
+ [*= system.startpage ] Set the default page to be taken to after a login for all channels at this website. Can be overwritten by user settings.
+ [*= system.sys_expire_days ] How many days to keep discovered public content from other sites
+ [*= system.taganyone ] Allow the @mention tagging of anyone whether you are connected or not.
+ [*= system.tempdir ] Place to store temporary files (currently unused), default is defined in the PHP configuration
+ [*= system.tos_url ] Set an alternative link for the ToS location.
+ [*= system.transport_security_header ] if non-zero and SSL is being used, include a strict-transport-security header on webpages
+ [*= system.uploaddir ] Location to upload files (default is system.tempdir, currently used only by js_upload plugin)
+ [*= system.workflow_channel_next ] The page to direct new members to immediately after creating a channel.
+ [*= system.workflow_register_next ] The page to direct members to immediately after creating an account (only when auto_channel_create or UNO is enabled).
+[/dl]
+[h2]Directory config[/h2]
+[h3]Directory search defaults[/h3][dl terms="mb"]
+ [*= directory.globaldir ] 0 or 1. Default 0. If you visit the directory on a site you'll just see the members of that site by default. You have to go through an extra step to see the people in the rest of the network; and by doing so there's a clear delineation that these people *aren't* members of that site but of a larger network.
+ [*= directory.pubforums ] 0 or 1. Public forums [i]should[/i] be default 0.
+ [*= directory.safemode ] 0 or 1.
+[/dl]
+[h3]Directory server configuration[/h3][i](see [zrl=[baseurl]/help/directories]help/directories[/zrl])[/i]
+[dl terms="mb"]
+ [*= system.directory_mode ]
+ [*= system.directory_primary ]
+ [*= system.directory_realm ]
+ [*= system.directory_server ]
+ [*= system.realm_token ]
+[/dl]
-
#include doc/macros/main_footer.bb;
diff --git a/doc/permissions.bb b/doc/permissions.bb
index bcf3c43e0..ceb3fec17 100644
--- a/doc/permissions.bb
+++ b/doc/permissions.bb
@@ -1,7 +1,7 @@
-[b]Permissions[/b]
-
+[h1]Permissions[/h1]
Permissions in the $Projectname are more complete than you may be used to. This allows us to define more fine graded relationships than the black and white "this person is my friend, so they can do everything" or "this person is not my friend, so they can't do anything" permissions you may find elsewhere.
+
[b]Default Permissions[/b]
On your settings page, you will find a list of default permissions. These permissions are automatically applied to everybody unless you specify otherwise. The scope of these permissions varies from "Only me" to "Everybody" - though some scopes may not be available for some permissions. For example, you can't allow "anybody on the internet" to send you private messages, because we'd have no way to identify the sender, therefore no way to reply to them.
@@ -13,89 +13,57 @@ Be aware that altering the scope of who can see your "public" items is a more or
A more useful privacy setup is to leave "public" items visible to anybody on the internet; but force everything you create to be restricted. This can be done on your Channel Settings page by selecting the role "Social - restricted". This ensures a Default Privacy Group for all new contacts, and sets your Default Post Permissions to restrict all your posts to that group. We use the Default Post Permissions for everything you create - posts, photos, events, webpages, and everything else. However you can then edit the permissions when you create any individual thing and remove your default privacy group to make just that item visible to anybody.
+[dl terms="l"]
+[*= The scopes of permissions are:]
+[dl terms="i"]
+ [*= Nobody Except Yourself ] This is self explanatory. Only you will be allowed access.
+
+ [*= Only those you specifically allow ] By default, people you are not connected to, and all new contacts will have this permission denied. You will be able to make exceptions for individual channels on their contact edit screen.
+
+ [*= Anybody in your address book ] Anybody you do not know will have this permission denied, but anybody you accept as a contact will have this permission approved. This is the way most legacy platforms handle permissions.
+
+ [*= Anybody On This Hub ] Anybody using the same hub as you will have permission approved. Anybody who registered at a different hub will have this permission denied.
+
+ [*= Anybody in this network ] Anybody in the $Projectname will have this permission approved. Even complete strangers. However, anybody not logged in/authenticated will have this permission denied.
+
+ [*= Anybody authenticated ] This is similar to "anybody in this network" except that it can include anybody who can authenticate by any means - and therefore may include visitors from other networks.
+
+ [*= Anybody on the internet ] Completely public. This permission will be approved for anybody at all.
+[/dl]
+[*= The individual permissions are:]
+[dl terms="i"]
+ [*= Can view my "public" stream and posts. ] This permision determines who can view your channel "stream" that is, the non-private posts that appear on the "home" tab when you're logged in.
-The scopes of permissions are:
-
-[li]Nobody Except Yourself. This is self explanatory. Only you will be allowed access.[/li]
-
-[li]Only those you specifically allow. By default, people you are not connected to, and all new contacts will have this permission denied. You will be able to make exceptions for individual channels on their contact edit screen.[/li]
-
-[li]Anybody in your address book. Anybody you do not know will have this permission denied, but anybody you accept as a contact will have this permission approved. This is the way most legacy platforms handle permissions.[/li]
-
-[li]Anybody On This Hub. Anybody using the same hub as you will have permission approved. Anybody who registered at a different hub will have this permission denied.[/li]
-
-[li]Anybody in this network. Anybody in the $Projectname will have this permission approved. Even complete strangers. However, anybody not logged in/authenticated will have this permission denied.[/li]
-
-[li]Anybody authenticated. This is similar to "anybody in this network" except that it can include anybody who can authenticate by any means - and therefore may include visitors from other networks.[/li]
-
-[li]Anybody on the internet. Completely public. This permission will be approved for anybody at all.[/li]
-
-The individual permissions are:
-
-[i]Can view my "public" stream and posts.[/i]
-
-This permision determines who can view your channel "stream" that is, the non-private posts that appear on the "home" tab when you're logged in.
-
-[i]Can view my "public" channel profile.[/i]
-
-This permission determines who can view your channel's profile. This refers to the "about" tab
-
-[i]Can view my "public" photo albums.[/i]
-
- This permission determines who can view your photo albums. Individual photographs may still be posted to a more private audience.
-
-[i]Can view my "public" address book.[/i]
-
-This permission determines who can view your contacts. These are the connections displayed in the "View connections" section.
-
-[i]Can view my "public" file storage.[/i]
-
-This permission determines who can view your public files stored in your cloud.
-
-[i]Can view my "public" pages.[/i]
-
-This permission determines who can view your public web pages.
-
-[i]Can send me their channel stream and posts.[/i]
-
-This permission determines whose posts you will view. If your channel is a personal channel (ie, you as a person), you would probably want to set this to "anyone in my address book" at a minimum. A personal notes channel would probably want to choose "nobody except myself". Setting this to "Anybody in the network" will show you posts from complete strangers, which is a good form of discovery.
-
-[i]Can post on my channel page ("wall").[/i]
-
-This permission determines who can write to your wall when clicking through to your channel.
-
-[i]Can comment on my posts.[/i]
-
-This permission determines who can comment on posts you create. Normally, you would want this to match your "can view my public stream and posts" permission
-
-[i]Can send me private mail messages.[/i]
+ [*= Can view my "public" channel profile. ] This permission determines who can view your channel's profile. This refers to the "about" tab
-This determines who can send you private messages (zotmail).
+ [*= Can view my "public" photo albums. ] This permission determines who can view your photo albums. Individual photographs may still be posted to a more private audience.
-[i]Can post photos to my photo albums.[/i]
+ [*= Can view my "public" address book. ] This permission determines who can view your contacts. These are the connections displayed in the "View connections" section.
-This determines who can post photographs in your albums. This is very useful for forum-like channels where connections may not be connected to each other.
+ [*= Can view my "public" file storage. ] This permission determines who can view your public files stored in your cloud.
-[i]Can forward to all my channel contacts via post tags.[/i]
+ [*= Can view my "public" pages. ] This permission determines who can view your public web pages.
-Using @- mentions will reproduce a copy of your post on the profile specified, as though you posted on the channel wall. This determines if people can post to your channel in this way.
+ [*= Can send me their channel stream and posts. ] This permission determines whose posts you will view. If your channel is a personal channel (ie, you as a person), you would probably want to set this to "anyone in my address book" at a minimum. A personal notes channel would probably want to choose "nobody except myself". Setting this to "Anybody in the network" will show you posts from complete strangers, which is a good form of discovery.
-[i]Can chat with me (when available).[/i]
+ [*= Can post on my channel page ("wall"). ] This permission determines who can write to your wall when clicking through to your channel.
-This determines who can join the public chat rooms created by your channel.
+ [*= Can comment on my posts. ] This permission determines who can comment on posts you create. Normally, you would want this to match your "can view my public stream and posts" permission
-[i]Can write to my "public" file storage.[/i]
+ [*= Can send me private mail messages. ] This determines who can send you private messages (zotmail).
-This determines who can upload files to your public file storage, or 'cloud'.
+ [*= Can post photos to my photo albums. ] This determines who can post photographs in your albums. This is very useful for forum-like channels where connections may not be connected to each other.
-[i]Can edit my "public" pages.[/i]
+ [*= Can forward to all my channel contacts via post tags. ] Using @- mentions will reproduce a copy of your post on the profile specified, as though you posted on the channel wall. This determines if people can post to your channel in this way.
-This determines who can edit your webpages. This is useful for wikis or sites with multiple editors.
+ [*= Can chat with me (when available). ] This determines who can join the public chat rooms created by your channel.
-[i]Can administer my channel resources.[/i]
+ [*= Can write to my "public" file storage. ] This determines who can upload files to your public file storage, or 'cloud'.
-This determines who can have full control of your channel. This should normally be set to "nobody except myself".
+ [*= Can edit my "public" pages. ] This determines who can edit your webpages. This is useful for wikis or sites with multiple editors.
+ [*= Can administer my channel resources. ] This determines who can have full control of your channel. This should normally be set to "nobody except myself".
+[/dl][/dl]
[i]Note:[/i]
Plugins/addons may provide special permission settings, so you may be offered additional permission settings beyond what is described here.