decentraleyes-schema-fragments v0.0.6
decentraleyes-schema-fragments
A collection of useful schema fragments to be used throughout the platform.
Overview
This is not a microservice, it is a simple shared library used throughout decentraleyes to implement consistent and common data throughout the service. Various schema fragments are defined as plain data. They can be used and are used in various schemata composed throughout the system.
fragments.privileges
Defines user privileges as rank and level. Rank is enumerated as 'sysop', 'admin', 'user' and 'guest'. Level is an integer in the range 1..10 (brackets mean inclusive, and this syntax worries me in markdown).
'rank': {
'type': String,
'enum': [
'sysop',
'admin',
'user',
'guest'
],
'required': true,
'default': 'user',
'index': true
},
'level': {
'type': Number,
'min': 1,
'max': 10,
'default': 1,
'required': true,
'index': true
}rank=sysop
The System Operator (SysOp) is the owner of the node. They generally do not have restrictions, but they do have levels (see below). There can be more than one SysOp on a node. There should be very few Level 10 SysOps on Earth compared to the total number of users on Earth. This is by design.
rank=admin
System Administrators are those appointed by System Operators to help manage their online community. Administrators are usually granted the permission to take administrative action against user actions. They can remove content, administratively ban other users and help enforce the terms of service for a particular node.
rank=user
Users are generally the content creators on a node. They receive permission to create posts, add to their own timeline, provide feedback on various resources, send and receive messages amongst themselves and perform many other actions and interactions.
rank=guest
A special-case user rank indicating that the request has arrived from an unauthanticated client. Some nodes may elect to open their content to the world at large, and that content will interally be served to a fictitious "guest" user. The guest user does have a virtual display name (guest), which is the reason no user may use the display name "guest" on any decentraleyes system. Guests may additionally be identified internally by Level Zero (0). The only valid rank+level display for a guest user is GuestL0 (which you will likely not often see in the public-facing UX outside of diagnostic displays).
level
A number in the range 1..10 indicating a finer grain of control within a user account's rank. On decentraleyes, a user isn't simply a user. They are, instead, classified as a rank and a level:
- Level 2 User (UserL2)
- Level 6 Admin (AdminL6)
- Level 10 SysOp (SysOp10) (pronounced: sis-op-eye-oh or sis-op-uh-oh)
This provides a finer grain of control over classes of users delegated to perform certain tasks, and allows sites the kind of configuration that allows for a matrix of 31 total categories of users on a system (10 levels across three leveled ranks plus "guest" which has no levels).
fragments.visibility
Defines resource visibility, restricting resource views to an enumerated class of user (public, contacts only or private).
'type': String,
'enum': [
'public',
'contacts',
'private'
],
'default': 'private',
'required': true,
'index': true
};public
The resource is intended to be viewed by the public (everyone). Additional system-level controls may prevent unauthenticated users from retrieving the resource. SysOps can set their node to private, which means the whole node serves nothing to unauthenticated site visitors, robots, etc.
contacts
The resource must only be viewed by authenticated site visitors listed in the creator's contacts list. Robots are generally prohibited from accessing the resource as they do not authenticate and are not on people's contacts lists.
private
The resource must only be retrievable by the currently authenticated user who created it. No other requests for service on the resource can be processed.
fragments.privacy
Composes visibility and privilege into the privacy settings for a resource on the platform. This indicates the resource's visibility (public, contacts, private) and required user privileges (rank and level) to satisfy access requirements for retrieving the resource.
'visibility': fragments.visibility,
'requiredPrivileges': fragments.privileges