Users automatically have a group generated for them when their account is created. However, the explicit creation of arbitrarily named groups will require domain validation.
For example, when a user wants to use com.example.x, they will be required to prove that they own x.example.com. This can be achieved using the standard approach of trying to retrieve a token at x.example.com/.well-known/eigion-[some-value].
[x] Database changes to hold requests
[x] Admin API to inspect requests in progress
[x] Service to execute domain checks
[x] Domain check module
[x] Public API to make group creation requests, check the status of requests, cancel requests, etc
[x] Public API to invite a user into a group
[x] Public API to accept or reject invites
[x] Public API to grant a user a role in a group
[x] Public API to leave a group
What roles should a user have upon founding a group? Presumably ... all of them.
Yes, all roles.
How do users get into groups they don't own?
A user with a given role has to invite them, and they can either accept or ignore the invite.
~Users can't be invited to a user's "personal" group. This is going to require marking groups as personal.~
How do users get roles within a group?
A user with role x (where x isn't FOUNDER) can grant x to any other user.
Given that new roles might be added in the future, how to users within groups get new roles?
The FOUNDER role implies all other roles automatically, so the founder can grant new roles to users as needed.
Users automatically have a group generated for them when their account is created. However, the explicit creation of arbitrarily named groups will require domain validation.
For example, when a user wants to use
com.example.x
, they will be required to prove that they ownx.example.com
. This can be achieved using the standard approach of trying to retrieve a token atx.example.com/.well-known/eigion-[some-value]
.What roles should a user have upon founding a group? Presumably ... all of them.
How do users get into groups they don't own?
How do users get roles within a group?
x
(wherex
isn'tFOUNDER
) can grantx
to any other user.Given that new roles might be added in the future, how to users within groups get new roles?
FOUNDER
role implies all other roles automatically, so the founder can grant new roles to users as needed.