Ryouiki
Self-hosted domain communication service

Groups

Groups are collections of users that specify access, customize user display, and provide custom data fields.

The jurisdiction of a group is limited to its host domain, and group customization is persistent across domains.

Group {
    Name   :sequence
    Fields :schema

    Privileges :TBD

    Flags :block{1}
    # [0:1] Open membership
    # [1:1] Add to profile
    # [2:1] Member list visible
    # [3:1] May be assumed
    # [4:1] Compartmentalized

    Color :COLOR
}

@Group Membership {
    Group  :natural
    Fields :record
}

Configuration

Membership

Groups may be open—allowing users to join and leave at will—or closed—requiring privileged access to modify the users in the group.

Visibility

Listing of the group on profiles, as well as viewing the members of a group, may be configured.

Mentionable

Mentionable groups may be tagged in messages, providing notification to all members of the group.

Assumption

If the group permits assumption, users may use the group to mask their identity in messages and interactions on the host domain.

A user may assume at most one group at a time.

Compartmentalization

See: Compartmentalization

Privileges

Groups may specifically grant or deny privileges, relative to the User group.

Granting of a privilege overrides denial of that privilege by other groups.

Fields

A group may specify a set of fields—and accompanying permissions—that can be specified for each user and optionally displayed on users' profiles.

Global properties may be added to the User group.

Customization

Customization modifies how a user belonging to the group is presented in the user interface.

Color

Specifies the color associated with the group and its users.

Primary Group

Each user has a primary group, which specifies any customizations of how the user is presented.

Default Groups

System groups are inherent to the platform and are limited in configuration.

*system group

User*

Consists of all users on the domain.

The User group defines the default permission if no other group explicitly grants or denies a privilege.

Guest*

Consists of all users owned by another domain.

Restricted*

Overrides privileges of all other groups.

Users of the Administrator group may not be added to the Restricted group.

Administrator*

Grants specific privileges for managing the domain.

Its privileges may not be modified, but it permits granting any privileges to custom groups.

Moderator

Grants privileges for flagging, hiding, and removing user content.

May review reported content and impose lesser punishments.

Curator

Grants privileges for managing domain content, including districts, channels, and reactions.

May manage unprivileged groups.

Manager*

Consists of users specified in the server configuration and grants specific privileges for managing the host server.

System*

Consists of all system users on the domain.

Denies most privileges to encourage the principle of least privilege in configuring tasks and modules.
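
The resolution order described under Privileges and for the User and Restricted groups, as an added example (not part of the Ryouiki specification or its code). The string privilege names, the "Muted" and "Speaker" groups, and the two points marked as assumptions in the comments are not defined by this page:

```python
from enum import Enum

class Rule(Enum):
    GRANT = "grant"
    DENY = "deny"

USER, RESTRICTED, ADMINISTRATOR = "User", "Restricted", "Administrator"

# Constructed sample configuration. "Muted", "Speaker" and the privilege
# name "message.send" are hypothetical, not taken from the Ryouiki spec.
SAMPLE_RULES = {
    USER: {"message.send": Rule.GRANT},
    "Muted": {"message.send": Rule.DENY},
    "Speaker": {"message.send": Rule.GRANT},
    RESTRICTED: {"message.send": Rule.DENY},
}

def add_member(memberships, user, group):
    """Add user to group; Administrator members may not join Restricted."""
    groups = memberships.setdefault(user, {USER})
    if group == RESTRICTED and ADMINISTRATOR in groups:
        raise PermissionError("Administrator members may not be Restricted")
    groups.add(group)

def is_allowed(privilege, user_groups, rules):
    """Resolve one privilege from {group: {privilege: Rule}} entries.

    A missing entry means the group neither grants nor denies the privilege.
    """
    # 1. Restricted overrides all other groups. Assumption: only for the
    #    privileges it lists explicitly; anything else falls through.
    if RESTRICTED in user_groups:
        rule = rules.get(RESTRICTED, {}).get(privilege)
        if rule is not None:
            return rule is Rule.GRANT
    # 2. Among the remaining non-User groups, a grant overrides a denial.
    explicit = {rules.get(g, {}).get(privilege)
                for g in user_groups if g not in (USER, RESTRICTED)}
    if Rule.GRANT in explicit:
        return True
    if Rule.DENY in explicit:
        return False
    # 3. No explicit rule: the User group supplies the default.
    #    Assumption: a privilege User does not grant is denied.
    return rules.get(USER, {}).get(privilege) is Rule.GRANT
```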