diff options
Diffstat (limited to 'doc/permissions.bb')
-rw-r--r-- | doc/permissions.bb | 120 |
1 files changed, 46 insertions, 74 deletions
diff --git a/doc/permissions.bb b/doc/permissions.bb index bcf3c43e0..cc831dd61 100644 --- a/doc/permissions.bb +++ b/doc/permissions.bb @@ -1,101 +1,73 @@ -[b]Permissions[/b]
+[h1]Permissions[/h1]
+Permissions in $Projectname are more complete than you may be used to. This allows us to define more fine graded relationships than the black and white "this person is my friend, so they can do everything" or "this person is not my friend, so they can't do anything" permissions you may find elsewhere.
-Permissions in the $Projectname are more complete than you may be used to. This allows us to define more fine graded relationships than the black and white "this person is my friend, so they can do everything" or "this person is not my friend, so they can't do anything" permissions you may find elsewhere.
+[b]Permission Roles[/b]
-[b]Default Permissions[/b]
+When you create a channel we allow you to select different 'roles' for that channel. These create an entire family of permissions and privacy settings that are appropriate for that role. Typical roles are "Social - mostly public", "Social - mostly private", "Forum - public" and many others. These bring a level of simplicity to managing permissions. Just choose a role and appropriate permissions are automatically applied. You can also choose 'Custom/Expert mode' and change any individual permission setting in any way you desire.
-On your settings page, you will find a list of default permissions. These permissions are automatically applied to everybody unless you specify otherwise. The scope of these permissions varies from "Only me" to "Everybody" - though some scopes may not be available for some permissions. For example, you can't allow "anybody on the internet" to send you private messages, because we'd have no way to identify the sender, therefore no way to reply to them.
-We highly recommend that you use the "typical social network" settings when you create your first channel, as it allows others to communicate with you and help you out if you have difficulty. You will find that these settings allow you as much privacy as you desire - when you desire it; but also allow you to communicate in public if you choose to. You are free to use much more private settings once you have learned your way around.
-
-Be aware that altering the scope of who can see your "public" items is a more or less [b]permanent[/b] change. Your public items have no identified permissions attached to them - they are public. If you restrict who can see these items, there is no way of making any single item public ever again - without allowing access to every public item you ever created. You are certainly free to do this, but beware of the consequences.
-
-A more useful privacy setup is to leave "public" items visible to anybody on the internet; but force everything you create to be restricted. This can be done on your Channel Settings page by selecting the role "Social - restricted". This ensures a Default Privacy Group for all new contacts, and sets your Default Post Permissions to restrict all your posts to that group. We use the Default Post Permissions for everything you create - posts, photos, events, webpages, and everything else. However you can then edit the permissions when you create any individual thing and remove your default privacy group to make just that item visible to anybody.
-
-
-
-The scopes of permissions are:
-
-[li]Nobody Except Yourself. This is self explanatory. Only you will be allowed access.[/li]
-
-[li]Only those you specifically allow. By default, people you are not connected to, and all new contacts will have this permission denied. You will be able to make exceptions for individual channels on their contact edit screen.[/li]
-
-[li]Anybody in your address book. Anybody you do not know will have this permission denied, but anybody you accept as a contact will have this permission approved. This is the way most legacy platforms handle permissions.[/li]
-
-[li]Anybody On This Hub. Anybody using the same hub as you will have permission approved. Anybody who registered at a different hub will have this permission denied.[/li]
-
-[li]Anybody in this network. Anybody in the $Projectname will have this permission approved. Even complete strangers. However, anybody not logged in/authenticated will have this permission denied.[/li]
-
-[li]Anybody authenticated. This is similar to "anybody in this network" except that it can include anybody who can authenticate by any means - and therefore may include visitors from other networks.[/li]
-
-[li]Anybody on the internet. Completely public. This permission will be approved for anybody at all.[/li]
-
-The individual permissions are:
+[b]Default Permission Limits[/b]
-[i]Can view my "public" stream and posts.[/i]
+There are a large number of individual permissions. These control everything from the ability to view your stream to the ability to chat with you. Every permission has a limit. The scope of these permissions varies from "Only me" to "Everybody on the internet" - though some scopes may not be available for some permissions. The limit applies to any published thing you create which has no privacy or access control. For example if you publish a photo and didn't select a specific audience with permission to view it, we apply the limit. These limits apply to everything within that permission rule, so you cannot apply a limit to one photo. The limit applies to all your photos. If all your photos are visible to everybody on the internet and you reduce the limit only to friends, [b]all[/b] of your photos will now be visible only to friends.
-This permision determines who can view your channel "stream" that is, the non-private posts that appear on the "home" tab when you're logged in.
+[b]Access Control[/b]
+
+Access Control is the preferred method of managing privacy in [i]most[/i] cases, rather than using permission limits. This creates lists of either connections or privacy groups (or both) and uses the access list to decide if a permission is allowed. An access list is attached to everything you publish. Unlike permission limits, if you change the access control list on a single photo, it doesn't affect any of your other photos. You can use privacy groups and a "default access control list" to create and automate the management of access control lists to provide any level of privacy you desire on anything you publish.
-[i]Can view my "public" channel profile.[/i]
-
-This permission determines who can view your channel's profile. This refers to the "about" tab
-
-[i]Can view my "public" photo albums.[/i]
-
- This permission determines who can view your photo albums. Individual photographs may still be posted to a more private audience.
-
-[i]Can view my "public" address book.[/i]
-
-This permission determines who can view your contacts. These are the connections displayed in the "View connections" section.
-
-[i]Can view my "public" file storage.[/i]
-
-This permission determines who can view your public files stored in your cloud.
-
-[i]Can view my "public" pages.[/i]
-
-This permission determines who can view your public web pages.
-
-[i]Can send me their channel stream and posts.[/i]
-
-This permission determines whose posts you will view. If your channel is a personal channel (ie, you as a person), you would probably want to set this to "anyone in my address book" at a minimum. A personal notes channel would probably want to choose "nobody except myself". Setting this to "Anybody in the network" will show you posts from complete strangers, which is a good form of discovery.
-
-[i]Can post on my channel page ("wall").[/i]
-
-This permission determines who can write to your wall when clicking through to your channel.
+We highly recommend that you use the "typical social network" settings when you create your first channel, as it allows others to communicate with you and help you out if you have difficulty. You will find that these settings allow you as much privacy as you desire - when you desire it; but also allow you to communicate in public if you choose to. You are free to use much more private settings once you have learned your way around.
-[i]Can comment on my posts.[/i]
-This permission determines who can comment on posts you create. Normally, you would want this to match your "can view my public stream and posts" permission
+[dl terms="l"]
+[*= The scopes of permissions are:]
+[dl terms="i"]
+ [*= Nobody Except Yourself ] This is self explanatory. Only you will be allowed access.
+
+ [*= Only those you specifically allow ] By default, people you are not connected to, and all new contacts will have this permission denied. You will be able to make exceptions for individual channels on their contact edit screen.
+
+ [*= Anybody in your address book ] Anybody you do not know will have this permission denied, but anybody you accept as a contact will have this permission approved. This is the way most legacy platforms handle permissions.
+
+ [*= Anybody On This Hub ] Anybody with a channel on the same hub/website as you will have permission approved. Anybody who is registered at a different hub will have this permission denied.
+
+ [*= Anybody in this network ] Anybody in the $Projectname will have this permission approved. Even complete strangers. However, anybody not logged in/authenticated will have this permission denied.
+
+ [*= Anybody authenticated ] This is similar to "anybody in this network" except that it can include anybody who can authenticate by any means - and therefore [i]may[/i] include visitors from other networks.
+
+ [*= Anybody on the internet ] Completely public. This permission will be approved for anybody at all.
+[/dl]
+[*= The individual permissions are:]
+[dl terms="i"]
+ [*= Can view my "public" stream and posts. ] This permision determines who can view your channel "stream" that is, the non-private posts that appear on the "home" tab when you're logged in.
-[i]Can send me private mail messages.[/i]
+ [*= Can view my "public" channel profile. ] This permission determines who can view your channel's profile. This refers to the "about" tab
-This determines who can send you private messages (zotmail).
+ [*= Can view my "public" photo albums. ] This permission determines who can view your photo albums. Individual photographs may still be posted to a more private audience.
-[i]Can post photos to my photo albums.[/i]
+ [*= Can view my "public" address book. ] This permission determines who can view your contacts. These are the connections displayed in the "View connections" section.
-This determines who can post photographs in your albums. This is very useful for forum-like channels where connections may not be connected to each other.
+ [*= Can view my "public" file storage. ] This permission determines who can view your public files stored in your cloud.
-[i]Can forward to all my channel contacts via post tags.[/i]
+ [*= Can view my "public" pages. ] This permission determines who can view your public web pages.
-Using @- mentions will reproduce a copy of your post on the profile specified, as though you posted on the channel wall. This determines if people can post to your channel in this way.
+ [*= Can send me their channel stream and posts. ] This permission determines whose posts you will view. If your channel is a personal channel (ie, you as a person), you would probably want to set this to "anyone in my address book" at a minimum. A personal notes channel would probably want to choose "nobody except myself". Setting this to "Anybody in the network" will show you posts from complete strangers, which is a good form of discovery.
-[i]Can chat with me (when available).[/i]
+ [*= Can post on my channel page ("wall"). ] This permission determines who can write to your wall when clicking through to your channel.
-This determines who can join the public chat rooms created by your channel.
+ [*= Can comment on my posts. ] This permission determines who can comment on posts you create. Normally, you would want this to match your "can view my public stream and posts" permission
-[i]Can write to my "public" file storage.[/i]
+ [*= Can send me private mail messages. ] This determines who can send you private messages (zotmail).
-This determines who can upload files to your public file storage, or 'cloud'.
+ [*= Can post photos to my photo albums. ] This determines who can post photographs in your albums. This is very useful for forum-like channels where connections may not be connected to each other.
-[i]Can edit my "public" pages.[/i]
+ [*= Can forward to all my channel contacts via post tags. ] Using @- mentions will reproduce a copy of your post on the profile specified, as though you posted on the channel wall. This determines if people can post to your channel in this way.
-This determines who can edit your webpages. This is useful for wikis or sites with multiple editors.
+ [*= Can chat with me (when available). ] This determines who can join the public chat rooms created by your channel.
-[i]Can administer my channel resources.[/i]
+ [*= Can write to my "public" file storage. ] This determines who can upload files to your public file storage, or 'cloud'.
-This determines who can have full control of your channel. This should normally be set to "nobody except myself".
+ [*= Can edit my "public" pages. ] This determines who can edit your webpages. This is useful for wikis or sites with multiple editors.
+ [*= Can administer my channel resources. ] This determines who can have full control of your channel. This should normally be set to "nobody except myself".
+[/dl][/dl]
[i]Note:[/i]
Plugins/addons may provide special permission settings, so you may be offered additional permission settings beyond what is described here.
|