athensresearch / athens

Athens is no longer maintained. Athens was an open-source, collaborative knowledge graph, backed by YC W21.
https://athensresearch.github.io/athens

Permissions #915

Open jsmorabito opened 3 years ago

jsmorabito commented 3 years ago

for #843

to be managed in #881

references

shanberg commented 3 years ago

Are permissions set per invitee per database, or per invitee per block, or per invitee per workspace, or something else?

tangjeff0 commented 3 years ago

That is a loaded question!

First thought is 1 workspace = 1 database

Per Database: pretty straightforward. Everyone has same permissions, except for perhaps admin who can add or remove users. No private spaces though haha (Notion has this).

Block- and Page-level: the 1st order seems straightforward. Search and auto-complete would have to ignore private blocks/pages. 2nd order: What about children? What about parents?

latvia234 commented 3 years ago

Will there be an option that can give permissions to certain roles?

For example I have a team with around 10 video editors, and there is another team with around 8 writers, there is another team with 5 voice overs.

It would be easier to add people to a role, that already does have certain permissions. And maybe add some custom permissions for a team member if needed later on.

makoConstruct commented 2 years ago

I thought a lot this week about the near future of systems like Athens or Roam as wiki/forum/realtime chats/social networks, and permissioning was a big part of things; it has to be gotten right. You can read the neschat design overview. I'd recommend all of these ideas to Athens, but I'll repeat the permissioning model here in Athenian terms:

The neschat model: Every block (including a sort of workspace root entity) should have the following permission groups: Read, Edit, Reply (the ability to add additional blocks under, or inline), Prune (the ability to remove or reorder replies), and Own (the ability to change who's in the permission groups).

The permissions take a combination of users and usergroups. They can also be set to inherit the permissions of the parent block. (If you ever support having multiple parents (you won't though, right? That'd just be block references), one of them has to be designated as the primary parent).

I think this covers all of the diverse use cases I can see athens eventually supporting (except for some other stuff that needs Web of Trust Moderation, but I will hold off on talking about that until I've developed a way to make it scalable.)


It occurs to me that when someone creates a new block, all of these would have to automatically default to something. This could be somewhat complicated.

I think in the current focal use case, when alice creates a block, having everything default to inherit + alice, would work. (In my speculated forum or chat modes, though, I think, it would have to be different. When alice creates a new block, Own and Edit would default to just alice.)
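
The permission model proposed in the comments above, written out as an added example; this is not code from Athens or neschat. The names (`Acl`, `Block`, `new_block`, `allowed`, `set_group`, the `"@name"` usergroup syntax, the `mode` values) are hypothetical, and it assumes that "inherit + alice" means the creator plus whatever the parent's group resolves to, walking up the primary-parent chain.

```python
from dataclasses import dataclass, field

PERMS = ("read", "edit", "reply", "prune", "own")  # the five groups from the comment

@dataclass
class Acl:
    members: set = field(default_factory=set)  # user names, or "@name" for a usergroup
    inherit: bool = False                      # also accept the parent's group

@dataclass
class Block:
    id: str
    parent: "Block | None" = None              # primary parent only
    acl: dict = field(default_factory=dict)    # permission name -> Acl

def new_block(id, creator, parent=None, mode="workspace"):
    """Defaults from the thread: inherit + creator; forum mode keeps Own/Edit creator-only."""
    acl = {}
    for perm in PERMS:
        creator_only = mode == "forum" and perm in ("own", "edit")
        acl[perm] = Acl({creator}, inherit=parent is not None and not creator_only)
    return Block(id, parent, acl)

def allowed(block, user, perm, groups):
    """True if user, or a usergroup containing user, holds perm on block."""
    principals = {user} | {"@" + g for g, users in groups.items() if user in users}
    node = block
    while node is not None:
        entry = node.acl.get(perm, Acl())      # missing entry: deny, no inheritance
        if principals & entry.members:
            return True
        if not entry.inherit:                  # explicit list only: stop climbing
            return False
        node = node.parent
    return False

def set_group(block, actor, perm, members, inherit, groups):
    """Only holders of Own may change who is in a permission group."""
    if not allowed(block, actor, "own", groups):
        raise PermissionError(f"{actor} does not own {block.id}")
    block.acl[perm] = Acl(set(members), inherit)

# Constructed sample data: a workspace root, one page and one forum-style post.
GROUPS = {"writers": {"bob"}}
root = new_block("root", "admin")
root.acl["read"].members.add("@writers")
page = new_block("page", "alice", parent=root)
post = new_block("post", "alice", parent=root, mode="forum")
```

With these defaults the workspace admin keeps Edit and Own on every inheriting descendant, while a forum-mode block stays readable through the parent but can only be edited or re-permissioned by its creator.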