Security Levels in Venice

The security level system in Venice is based on a concept of "levels" represented by small 16-bit integers. A number of different security "scope" values are defined, each with a "low band" and a "high band" range of values, defined such that, for any scope level n (n>=0), the "low band" range for scope n+1 is immediately adjacent to, but greater than, the "low band" range for scope n, and the "high band" range for scope n+1 is immediately adjacent to, but less than, the "high band" range for scope n. A table of scopes and their ranges will help visualize this:

Scope Level	"Low Band" Range	"High Band" Range
0	0-1999	63000-64999
1	2000-3999	61000-62999
2	4000-5999	59000-60999
3	6000-7999	57000-58999
4	8000-9999	55000-56999
5	10000-11999	53000-54999
6	12000-13999	51000-52999
7	14000-15999	49000-50999
8	16000-17999	47000-48999
9	18000-19999	45000-46999
10	20000-21999	43000-44999
11	22000-23999	41000-42999
12	24000-25999	39000-40999
13	26000-27999	37000-38999
14	28000-29999	35000-36999
15	30000-31999	33000-34999

Within each scope level, a "low band" security level refers to an ordinary user at that scope, and a "high band" security level refers to someone who exercises administrative control over that scope (and therefore all scopes greater than or "inside" it). Objects which are logically "enclosed" by other objects have a higher scope value; for instance, a conference would have a higher scope value than a community, which in turn would have a higher scope value than 0 (the "global" scope).

The values 65000-65535 are not used, except that the value 65500 is defined as "no access" (something not even the global system administrator can touch). Neither are the values 32000-32999, except that the value 32500 is defined as "unrestricted user" (lying above the low bands of all scopes but below the high bands of any of them).

Within the "global scope" (scope 0), the following values are defined:

• 100 - User that has not logged in ("Anonymous Honyak")
• 500 - User that has logged in, but email address is unverified
• 1000 - User logged in and verified (normal user level)
• 64000 - Assistant administrator accounts ("PFY" level)
• 64999 - Global system administrator ("BOFH" level)

Communities use the scope level 3; the following values are defined within that scope:

• 6500 - Community member
• 58000 - Community co-host
• 58500 - Community host

Within communities, conferences use scope 6; the following values are defined within that scope:

• 12500 - Conference member (for private conferences)
• 52500 - Conference host

Each user has a "base access" level, within scope 0, that is stored in the "users" table. Each community has four defined access levels associated with it:

• Read level - minimum access level required to read the community's data. This is commonly 6500 (must be a member) but may be lower for special cases.
• Write level - minimum access level required to write the community's data. Since this refers to the community itself, this is commonly 58000 (hosts/co-hosts only)
• Create level - minimum access level required to create new objects in the community. Typically 58000 (hosts/co-hosts only).
• Delete level - minimum access level required to delete the community. Typically 58500 (host only).

The "sigmember" table maps UIDs to community IDs, adding a "granted level" field that specifies a given user's access level within the community itself. (If a user already has a higher access level than the "granted" access level, as in the case of the global sysadmin, the higher level takes precedence.) Note that this level grant is within the context of that community only, and does not affect access privileges to any other community.

Each conference has seven defined access levels associated with it:

• Read level - minimum access level required to read the posts. Commonly 6500 (member of community) for public confs, 12500 (conference member) for private confs.
• Post level - minimum access level required to post new messages. Commonly 6500 (member of community) for public confs, 12500 (member of conference) for private confs.
• Create level - minimum access level required to create new topics. Commonly 6500 (member of community) for public confs, 12500 (member of conference) for private confs.
• Hide level - minimum access level required to archive topics, or hide posts of which you are not the owner. Commonly 52500 (conference hosts only).
• Nuke level - minimum access level required to scribble posts of which you are not the owner, to nuke posts, or to delete topics. Commonly 52500 (conference hosts only).
• Change level - minimum access level required to change the conference's profile or membership list. Commonly 52500 (conference hosts only).
• Delete level - minimum access level required to delete the conference. Commonly 58000 (hosts/cohosts of the enclosing community only).

As with communities, there is a "confmember" table that maps UIDs to CONFIDs, adding a "granted level" field that grants additional access privileges. (There is also a field in the table that maps conferences into communities that allows a community to grant its users additional privileges within a conference. Normally, this field is 0, and so it "drops out" of the calculation of access levels.) Note that, if a user has no membership entry for a conference, the entry for the conference's enclosing community takes precedence, or the base level if there is no entry in any enclosing community. Also note that a grant of level for a conference or community only applies with respect to that conference or community, not any other.

Additional scopes and levels will be defined for additional objects as they are added to Venice.