We begin, of course, with a user, who creates an account and populats their account with their meta-information including the person's name, email address, birth year, birth month, birth day, work locations, alma maters, etc.
Every piece of information provided to the site has an associated access control list (acl, or ackle) which is a set of rules processed in sequence to determine whether a person trying to access the content has permiss. A rule is very simple, it specifies "who" and "access". "Who" can be either an individual or a group. "Access" is always 'permit', or 'deny'.
Any user can create an ackle group, which exists only for the user and identifies multiple users. For example, a user can create an ackle group for co-workers, and populate it with all of their relationships which are co-workers. That co-worker ackle group will exist only for the user that created it and will not be accessible to any of the co-workers in the group. Ackle groups exist solely for permitting and denying access in an ackle.
There are three default ackle groups: 'everyone', 'members', and 'acquaintances'. Any rule for 'everyone' really means 'everyone except me', and will affect access by all users excepting the owner regardless of whether the user has an account or not. Any rule for 'members' will affect access by only the members of the site. Any rule for 'acquaintances' will affect access by only people with an existing relationship with the user.
The first rule of every ackle is always an 'everyone' rule. By default, all information shared with the site excepting usernames begins with the ackle "everyone: deny", which is the highest possible privacy setting. Usernames begin with the ackle "everyone: permit".
A new user must change the ackles on their personal information in order to become findable by whomever they desire to be findable by. Keep in mind that at this point, the user has no existing relationships, so only information that is available to 'everyone' or to 'members' will make them findable. It would therefore be a good idea for the user to set at least some of their fields with an ackle of:
- everyone: deny
- members: permit
Relationships can be established by finding any other user on the site and adding them as an acquaintance. Relationships are uni-directional; they do not need acknowledgment. When a relationship is established, a message will be sent to the person who is being added.
I'm out of time for right now. I'll pick this up where I left off in my next post...