Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[r/boards] initialize private boards #3228

Open
8 tasks
salmad3 opened this issue Nov 28, 2024 · 0 comments
Open
8 tasks

[r/boards] initialize private boards #3228

salmad3 opened this issue Nov 28, 2024 · 0 comments

Comments

@salmad3
Copy link
Member

salmad3 commented Nov 28, 2024
edited
Loading

Context:

Private boards allow users to create and manage boards that are only visible to invited members. They leverage allowlisting and enable confidentiality and access control.

Acceptance Criteria:

  • Includes a PrivateBoard struct that extends the basic Board struct:

    Example 
    type PrivateBoard struct {
    Board
    InvitedMembers []Address
}

  • Includes a CreatePrivateBoard function that:

    • Checks if the user has permission to create a private board
    • Initializes a new PrivateBoard with the creator as the first invited member
    • Stores the new private board in the system

    Example 
    func (bp *BoardsRealm) CreatePrivateBoard(user User, boardName string) error {
   if !bp.HasPermission(user, "create_private_board", []interface{}{boardName}) {
       return errors.New("user does not have permission to create a private board")
   }

   newBoard := &PrivateBoard{
       Board: Board{
           Name:    boardName,
           Creator: user.Address,
       },
       InvitedMembers: []Address{user.Address},
   }

   bp.privateBoards[boardName] = newBoard
   return nil
}

  • Implements an InviteMember method for PrivateBoard:

    • Allows only the board owner or admins to invite new members
    • Adds the invited member's address to the InvitedMembers list

    Example 
    func (pb *PrivateBoard) InviteMember(inviter User, invitee Address) error {
    if !pb.isOwnerOrAdmin(inviter) {
        return errors.New("only board owner or admins can invite new members")
    }

    for _, member := range pb.InvitedMembers {
        if member == invitee {
            return errors.New("user is already a member of this board")
        }
    }

    pb.InvitedMembers = append(pb.InvitedMembers, invitee)
    pb.sendInvitationNotification(invitee)
    return nil
}

func (pb *PrivateBoard) isOwnerOrAdmin(user User) bool {
    return user.Address == pb.Creator || pb.hasAdminRole(user)
}

func (pb *PrivateBoard) hasAdminRole(user User) bool {
    [...]
    return false
}

}

  • Ensures that private boards are not visible in public board listings or searches

  • Implements access control for private boards:

    • Only allow invited members to view, post, and interact with the board
    • Restrict non-members from accessing any content within the private board

  • Includes a LeavePrivateBoard function for members to remove themselves from a private board

  • Implements a DeletePrivateBoard function that can only be executed by the board owner

  • Unit tests verify the functionality of private boards, including:

    • Creation of private boards
    • Invitation and removal of members
    • Access control for members and non-members

Notes:

  • Private boards should not be included in any public board statistics or listings
  • Consider implementing a way for Admins to view high-level details of private boards (e.g., name, owner, number of members) without accessing the content
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
🧙‍♂️gno.land core team
Status: Triage
Milestone
No milestone
Development

No branches or pull requests
1 participant
@salmad3