Closed jace closed 5 years ago
In hasgeek/coaster#157, a new concept "anchor" is introduced, and inferred principals are discovered as a chain of activity linking anchors.
We will not be implementing this in Lastuser. It should be a concern of the primary client app.
The three principals (#91),
User
,Organization
andTeam
are explicitly defined by the act of a user registering an account and creating orgs and teams.However, it is also possible for the existence of these principals to be inferred from other data. Inferred principals show up as a recurring pattern:
User
first via their email address or phone number, such as via a mailing list subscription, or a guest checkout in an online purchase.Organization
via theDomain
model guessed from an email address. Discussion in hasgeek/hasjob#141.Team
guessed from the collaborators on a job post. Discussion in hasgeek/hasjob#375.Inferred principals aren't explicit data. They are metadata on other types of data within each app. They are best understood as queries or views rather than explicit models. While an explicit model may exist such as Hasjob's
Domain
, these are for convenience and classify as app data, not user data. Hasjob's domains cannot be renamed or deleted, for instance. A qualifying user may submit additional data such as a title (the organization's name), but will not own the inferred principal's record.Inferred principals allow a user access to data they are authorised to own or edit, without requiring an explicit grant of that authority. Lastuser should provide guidelines on how inferred principals may be identified and related data placed under the authority of explicit principals.