9. • View
• Edit
• Delete
• Report bad profile
Features - Profile
10. • Classic view
– Inbox
– Unread
– Sent
• Threaded view
– List of conversations
– Whole conversation with one user on one
page
Features - Messages
11. • Requesting, canceling, confirming
friendship
• List of friends
• Possible states of the relationship:
– New
– Confirmed
– Rejected
Features – Relation management
13. • Gallery
– Albums list
– Photos list of one album
• Album
– Title
– Cover image
– Privacy settings
• Special album with profile pictures
Features - Gallery
14. • Mail, private message, wall message….
• Multiple notifications per event
• Easy to use API
$notification = new Tx_Community_Service_Notification_Notification(
'relationRequest',
$this->requestingUser,
$this->requestedUser
);
$notification->setFoo(„BAR”);
$this->notificationService->notify($notification);
• Configurable in TS
relationRequest {
10 {
template = RelationRequest
handler = Tx_Community_Service_Notification_MailHandler
serverEmail = {$plugin.tx_community.serverEmail}
} }
Features – Notification service
15. Want to notify by SMS after receiving private message?
1. Create own notification handler which implements
Tx_Community_Service_Notification_HandlerInterface
- send() method is required
e.g. Tx_CommunityLocal_Service_Notification_SmsHandler
2. Add typoscript configuration
plugin.tx_community.settings.notification.rules {
messageSend {
20 {
handler = Tx_CommunityLocal_Service_Notification_SmsHandler
}
}
}
Features – Notification service
17. • Base class for all controllers
• Resolves requested and requesting user
• Access control in initializeAction()
– Return nothing if user has no access
Architecture – Base controller
18. Requesting
(logged in)
user
Requested
user
Are
friends
Access type Notes
NULL NULL - ACCESS_PUBLIC Public, guest access. No logged in
user, no requested (target) user.
Used e.g. for “list of 10 newest users”.
NULL John - ACCESS_NOBODY Public, guest access, no logged in
user. Public, but user specific plugins.
Bill John NO ACCESS_OTHER Bill is logged in, but he is not a friend
with John
Bill John YES ACCESS_FRIEND
John John | NULL - Access granted by
default.
If requested user is not set, and we
are logged in, then requestedUser =
requestingUser
– e.g. we are seeing our own profile
Architecture – Access control
Types of access for different requests:
19. • On action level
• Configured in TS
– Actions are mapped to „resource names”
accessActionResourceMap {
User {
image = profile.image //image action from UserController
edit = profile.edit
}
– Access rules are set for resource names
accessRules.friend {
profile.image.access = 1
profile.relation.access = 1
}
Architecture – Access control
20. • Use Ajax wherever possible
• Privacy settings for user properties
• Groups
• Performance tuning
• Notification queue
• Advanced search
• Standard image sizes defined in TS
• Commenting on wall posts
Roadmap
21. • Installing community
• Features/roadmap brainstorming
• Discussion
– groups handling
– privacy settings
• ???
Workshop tasks
22. • Levels
– Action level (MessageController->sendAction)
– Record level e.g. user/ album
– Record property level – $user->email,
$user->name
• Defaults
– Global defaults: deny or allow
– Defaults for table/record/property
Privacy/access control challenges
23. • Allow user to change his privacy settings
• Easy to extend (new models, new
controllers)
• Fast
• Transparent
• Configured in single place
• …
Privacy/access control challenges