Visibility

Floopstreet manages access to users, groups, and items through the notion of visibility: access to various items of information is approved only if the item is visible to the requesting user, depending on the the visibility level associated with the information and the relationship of the requestor to the owner of the information.

What are the visibility levels?

There are four visibility levels, each defining a wider window than the previous one:

  • The owner of an item of information always has access to it; typically the user who created the item is the owner.
  • Information with private visibility is visible to the owner alone.
  • Information with group visibility is also visible to members of the groups of which the owner is a member.
  • Information with linked visibility is also visible to members of the groups that are linked to the owner's groups.
  • Information with public visibility is visible to anyone.

For group and linked visibility, you can also specify which groups should be granted or denied visibility; for example, you can set the visibility for a post to group, but make it not visible to the "family" group. Personas make it easy to switch visibility settings.

How is visibility used?

When a request for an item is made, Floopstreet checks if the requestor has access to it through the following steps, stopping as soon as it determines whether the item is visible or not.

  1. If there is no requesting user (the application has not yet logged in), then the item is visible only if it has public visibility.
  2. Otherwise, if the requesting user is the same as the owner, then the item is visible, independently of its visibility settings.
  3. If we make this far, the requesting user is not the same as the owner: if the item has private visibility, then it is not visible and we can deny access.
  4. Check if the requesting user belongs to one or more of the owner's groups. If it does, and one of the groups is on the list of groups to be granted access, then the item is visible.
  5. Next, if the item has linked visibility, see if the requesting user belongs to one or more of the groups linked to the owner's groups. If it does, and one of the groups is on the list of groups to be granted access, then the item is visible.
  6. If the access control check gets to this step, then the item is not visible.

If the access check fails, Floopstreet returns an error.

Can I change visibility settings for an item?

Yes. If you can edit an item, you can change its visibility.