Mark just to clarify is Bob and Fred making a request for your (Mark)
On Oct 29, 4:13 pm, "Mark W." <weit...@gmail.com> wrote:
Actually, I want to expand a little bit my previous post. I was actually
talking about this proposal to a couple of other engineers and we talked
through a few additional scenarios that I wanted to run by you to see if
they line up.
Specifically, theres a difference in the fields a container supports
globally, and what could be visible to an individual using an app. Let's
use the following scenario as our working example: I'd choose to expose my
email address only to my friends. In this case, Bob and Sue are my friends,
but Fred is not. Also, let's assume I'm using an Foo app.
If the current user is Bob, and the Foo app makes the request for supported
fields, email should be returned. If he then makes a request for my privacy
settings (or maybe "Profile Metadata"), he should see that he can read my
If Fred is the user, supported fields should return email. However, the
privacy settings/profile metadata should either not return email, or return
email with visibility of false.
We may also want to indicate the CRUD of the fields as well.