Permissions model

Dark should support fine-grained permissioning

Dark v1 Problems

Only owners exist

Problem: Users who are added to orgs become owners

Solution: Allow different permissions, and create common roles to reflect them

Status: Design needed

Public canvases are not yet supported

Problem: We'd like users to show off their canvases (and may even make this the default)

Solution: We need enough permissions that this is safe to do

  • Should be able to disable traces on a canvas

  • Secrets should actually be secret

  • We need a subset of traces that provide value,

Status: Spec needed


v2 Spec

Trace design:

  • By default, traces are private, even on public canvases (can be made public, opt-in)

  • A subset of traces are shown to users

    • just the fact that they exist

    • when traces have users, show something else, like flags of the country the IP address is from

  • Default values are generated for each type to help who are contributing