diff options
| author | fiatjaf <fiatjaf@gmail.com> | 2024-09-18 22:27:03 -0300 |
|---|---|---|
| committer | fiatjaf <fiatjaf@gmail.com> | 2024-09-18 22:27:03 -0300 |
| commit | 765daceaa1a25a0324864668cf977cbdcb30bbd4 (patch) | |
| tree | 586754a1d24d3fda58f3b5d0d81a06a1976063c1 | |
| parent | e61651ac06c662b43817f85581b50e4254efbd7b (diff) | |
remove invites, simplify group metadata edits, rework fine-grained "permissions" into unspecified "roles".
| -rw-r--r-- | 29.md | 77 |
1 files changed, 43 insertions, 34 deletions
| @@ -144,7 +144,7 @@ These are events expected to be sent by the relay master key or by group admins | |||
| 144 | 144 | ||
| 145 | - *moderation events* (`kinds:9000-9020`) (optional) | 145 | - *moderation events* (`kinds:9000-9020`) (optional) |
| 146 | 146 | ||
| 147 | Clients can send these events to a relay in order to accomplish a moderation action. Relays must check if the pubkey sending the event is capable of performing the given action. The relay may discard the event after taking action or keep it as a moderation log. | 147 | Clients can send these events to a relay in order to accomplish a moderation action. Relays must check if the pubkey sending the event is capable of performing the given action based on its role and the relay's internal policy (see also the description of `kind:39003`). |
| 148 | 148 | ||
| 149 | ```json | 149 | ```json |
| 150 | { | 150 | { |
| @@ -161,22 +161,21 @@ Each moderation action uses a different kind and requires different arguments, w | |||
| 161 | 161 | ||
| 162 | | kind | name | tags | | 162 | | kind | name | tags | |
| 163 | | --- | --- | --- | | 163 | | --- | --- | --- | |
| 164 | | 9000 | `add-user` | `p` (pubkey hex) | | 164 | | 9000 | `add-user` | `p` with pubkey hex | |
| 165 | | 9001 | `remove-user` | `p` (pubkey hex) | | 165 | | 9001 | `remove-user` | `p` with pubkey hex | |
| 166 | | 9002 | `edit-metadata` | `name`, `about`, `picture` (string) | | 166 | | 9002 | `edit-metadata` | fields from `kind:39000` to be modified | |
| 167 | | 9003 | `add-permission` | `p` (pubkey), `permission` (name) | | 167 | | 9003 | | | |
| 168 | | 9004 | `remove-permission` | `p` (pubkey), `permission` (name) | | 168 | | 9004 | | | |
| 169 | | 9005 | `delete-event` | `e` (id hex) | | 169 | | 9005 | `delete-event` | | |
| 170 | | 9006 | `edit-group-status` | `public` or `private`, `open` or `closed` | | 170 | | 9006 | `set-role` | `p` with pubkey hex and roles | |
| 171 | | 9007 | `create-group` | | | 171 | | 9007 | `create-group` | | |
| 172 | | 9008 | `delete-group` | | | 172 | | 9008 | `delete-group` | | |
| 173 | | 9009 | `create-invite` | `code`, `uses` (how many times it can be used) | | ||
| 174 | 173 | ||
| 175 | It's expected that the group state (of who is an allowed member or not, who is an admin and with which permission or not, what are the group name and picture etc) can be fully reconstructed from the canonical sequence of these events. | 174 | It's expected that the group state (of who is an allowed member or not, who is an admin and with which permission or not, what are the group name and picture etc) can be fully reconstructed from the canonical sequence of these events. |
| 176 | 175 | ||
| 177 | ### Group metadata events | 176 | ### Group metadata events |
| 178 | 177 | ||
| 179 | These events contain the group id in a `d` tag instead of the `h` tag. They are expected to be created by the relay master key only and a single instance of each (or none) should exist at all times for each group. They are merely informative but should reflect the latest group state (as it was changed by moderation events over time). | 178 | These events contain the group id in a `d` tag instead of the `h` tag. They MUST be created by the relay master key only and a single instance of each (or none) should exist at all times for each group. They are merely informative but should reflect the latest group state (as it was changed by moderation events over time). |
| 180 | 179 | ||
| 181 | - *group metadata* (`kind:39000`) (optional) | 180 | - *group metadata* (`kind:39000`) (optional) |
| 182 | 181 | ||
| @@ -206,43 +205,29 @@ When this event is not found, clients may still connect to the group, but treat | |||
| 206 | 205 | ||
| 207 | - *group admins* (`kind:39001`) (optional) | 206 | - *group admins* (`kind:39001`) (optional) |
| 208 | 207 | ||
| 209 | Similar to the group metadata, this event is supposed to be generated by relays that host the group. | 208 | Each admin is listed along with one or more roles. These roles SHOULD have a correspondence with the roles supported by the relay, as advertised by the `kind:39003` event. |
| 210 | 209 | ||
| 211 | Each admin gets a label that is only used for display purposes, and a list of permissions it has are listed afterwards. These permissions can inform client building UI, but ultimately are evaluated by the relay in order to become effective. | 210 | ```jsonc |
| 212 | |||
| 213 | The list of capabilities, as defined by this NIP, for now, is the following: | ||
| 214 | |||
| 215 | - `add-user` | ||
| 216 | - `edit-metadata` | ||
| 217 | - `delete-event` | ||
| 218 | - `remove-user` | ||
| 219 | - `add-permission` | ||
| 220 | - `remove-permission` | ||
| 221 | - `edit-group-status` | ||
| 222 | - `delete-group` | ||
| 223 | |||
| 224 | ```json | ||
| 225 | { | 211 | { |
| 226 | "kind": 39001, | 212 | "kind": 39001, |
| 227 | "content": "list of admins for the pizza lovers group", | 213 | "content": "list of admins for the pizza lovers group", |
| 228 | "tags": [ | 214 | "tags": [ |
| 229 | ["d", "<group-id>"], | 215 | ["d", "<group-id>"], |
| 230 | ["p", "<pubkey1-as-hex>", "ceo", "add-user", "edit-metadata", "delete-event", "remove-user"], | 216 | ["p", "<pubkey1-as-hex>", "ceo"], |
| 231 | ["p", "<pubkey2-as-hex>", "secretary", "add-user", "delete-event"] | 217 | ["p", "<pubkey2-as-hex>", "secretary", "gardener"], |
| 232 | ] | 218 | // other pubkeys... |
| 219 | ], | ||
| 233 | // other fields... | 220 | // other fields... |
| 234 | } | 221 | } |
| 235 | ``` | 222 | ``` |
| 236 | 223 | ||
| 237 | - *group members* (`kind:39002`) (optional) | 224 | - *group members* (`kind:39002`) (optional) |
| 238 | 225 | ||
| 239 | Similar to *group admins*, this event is supposed to be generated by relays that host the group. | 226 | It's a list of pubkeys that are members of the group. Relays might choose to not to publish this information, to restrict what pubkeys can fetch it or to only display a subset of the members in it. |
| 240 | 227 | ||
| 241 | It's a list of pubkeys that are members of the group. Relays might choose to not to publish this information or to restrict what pubkeys can fetch it. | 228 | Clients should not assume this will always be present or that it will contain a full list of members. |
| 242 | 229 | ||
| 243 | Clients should not assume this will always be present or that it will contain a full list of members, as relays may opt to not publish it or publish a shortened version. | 230 | ```jsonc |
| 244 | |||
| 245 | ```json | ||
| 246 | { | 231 | { |
| 247 | "kind": 39002, | 232 | "kind": 39002, |
| 248 | "content": "list of members for the pizza lovers group", | 233 | "content": "list of members for the pizza lovers group", |
| @@ -251,7 +236,31 @@ Clients should not assume this will always be present or that it will contain a | |||
| 251 | ["p", "<admin1>"], | 236 | ["p", "<admin1>"], |
| 252 | ["p", "<member-pubkey1>"], | 237 | ["p", "<member-pubkey1>"], |
| 253 | ["p", "<member-pubkey2>"], | 238 | ["p", "<member-pubkey2>"], |
| 254 | ] | 239 | // other pubkeys... |
| 240 | ], | ||
| 241 | // other fields... | ||
| 242 | } | ||
| 243 | ``` | ||
| 244 | |||
| 245 | - *group roles* (`kind:39003`) (optional) | ||
| 246 | |||
| 247 | This is an event that MAY be published by the relay informing users and clients about what are the roles supported by this relay according to its internal logic. | ||
| 248 | |||
| 249 | For example, a relay may choose to support the roles `"admin"` and `"moderator"`, in which the `"admin"` will be allowed to edit the group metadata, delete messages and remove users from the group, while the `"moderator"` can only delete messages (or the relay may choose to call these roles `"ceo"` and `"secretary"` instead, the exact role name is not relevant). | ||
| 250 | |||
| 251 | The process through which the relay decides what roles to support and how to handle moderation events internally based on them is specific to each relay and not specified here. | ||
| 252 | |||
| 253 | ```jsonc | ||
| 254 | { | ||
| 255 | "kind": 39003, | ||
| 256 | "content": "list of roles supported by this group", | ||
| 257 | "tags": [ | ||
| 258 | ["d", "<group-id>"], | ||
| 259 | ["role", "<role-name>", "<optional-description>"], | ||
| 260 | ["role", "<role-name>", "<optional-description>"], | ||
| 261 | // other roles... | ||
| 262 | ], | ||
| 263 | // other fields... | ||
| 255 | } | 264 | } |
| 256 | ``` | 265 | ``` |
| 257 | 266 | ||