Geek Answers Handbook

How does Facebook handle privacy settings in a database?

What are the design patterns for developing a privacy system like facebook.

The user decides what information to share based on his groups of friends. All user information (email, phone) is stored in a data table, which simply has a key = value.

Current Tables:

  • User - (id)
  • UserData - (id, user_id, data type, value)
  • Friendship - (user_id, friend_id, friendgroup_id)
  • FriendGroup - (user_id, name)

Example:

  • Group X can see phone_1
  • Group Y can see phone_2
  • All groups can see phone_3

This design is subject to change.

+6
database ruby-on-rails authorization facebook database-design
source share
4 answers

You will need to make a permissions table for FriendGroup. In this case, you must obtain permission granted to each FriendGroup when the group or user can change this permission.

Prmissions (permission_id, friend_group, parameter, visible)

Example:

  • Group X can see phone_1
  • Group Y can see phone_2
  • All groups can see phone_3
(1,x,phone_1,true) (1,Y,phone_2,true) (1,x,phone_3,true) (1,Y,phone_3,true)

You can learn more about ACLs at the links:

Database model with users, roles and rights

Role Based Access Control System (RBAC) for PHP

Templates for creating applications like a social network?

+2
source share

I created a gem called "Privacy" that can help integrate a simple privacy setting into a Rails application. Check this out: https://github.com/xuanchien/privacy_setting

+2
source share

You need a role-based rights management system. Take a look at CanCan or DeclarativeAuthorization gems.

0
source share

you can add column name resolution with all fields e.g.

phone_number and phone_number_permission, photo and photo_permission and use the value 0,1,2,3 in the permission column

 permission rights 0. Not show to anyone 1. Show to friends 2. Show friends of friends 3. Show to groups and who are your friends

you need to manage this permission to view the data on the profile page.

if user == friend and permission == 1 show data

0
source share

More articles:


All Articles