23 lines
1.3 KiB
Markdown
23 lines
1.3 KiB
Markdown
# Privacy features for federation
|
|
|
|
## General logic
|
|
|
|
Two level of privacy for activities :
|
|
|
|
- from the Actor of the activities
|
|
- from the Object of the activities
|
|
|
|
We follow both actor and object privacy_level. If an user want to share it's playlist he need both the user privacy level and playlist privacy level set to allow it.
|
|
|
|
### User level privacy_level
|
|
|
|
Check is done in `activity_pass_user_privacy_level` but only works if `actor` is passed within the `context`
|
|
|
|
### Object privacy_level
|
|
|
|
Playlist support it's own privacy level. Check is done in `activity_pass_object_privacy_level`. Other objects should be added manually to this function.
|
|
|
|
## Followers privacy_level
|
|
|
|
If a user follow a local user we don't need to send ActivityPub activities since the data is already in our db. We can use the local database the fetch the data. That's why Funkwhale outbox will always discard activities that are not public. But this need to be updated to support `followers` privacy level. Some warning should be displayed to the users to explain that setting a privacy_level to `followers` will send the data to remote server. This means we need to trust the remote server admins to follow our privacy_level wish. In other words when you trust your followers your also trust the admins of your followers.
|