StoryEdit V1.0 Security Model
The first release of StoryEdit (0.51) had a very simple security model, since the idea was to allow game referees and creators to collaboratively write stories. Since then a new mission has appeared: documenting existing campaigns or stories. In this role players and master must share the same space, but players must have some restrictions. This document describes the new security model for StoryEdit.
In order to adapt to the new mission, StoryEdit’s security system must handle the following issues:
- Not all users can see all the characters and groups; some parts of the story should be hidden, such as the PCs’ archenemy and his henchmen;
- Parts of the story can be revealed in the future (such as the archenemy revealing himself);
- Even if a user can see a part of the story, he may see only bits of that part. Say the user discovers someone: they may know only the public parts of that person’s background, description, goals, or relations;
- Users should edit only those objects they can see.
To handle this, the proposed security system would work with the following elements:
- Categories
- This defines the function of a character or group in a story; some examples of categories are: PC, NPC, hidden NPC, and so on.
- Roles
- Define what roles exist for that story. Roles contain the users, and would be things like StoryMaster, Player, Assistant StoryMaster.
- Access
- Access defines what permission a role has on a category. This determines whether a user can see an object or edit it.
- Ownership
- Objects can optionally have owners; owners have more power to edit an object. This allows players to see each other’s characters while only the owner can edit his character.
Among the actions that a user can perform at the StoryEdit level, we have:
- Create Story
- Delete Story
- Change a Story Access Control
- Import users
On the story level a user can:
- Change ownership of objects
- Edit Story Access Control
On the object level (controlled by the categories of the objects):
- View or edit an object (see below for scope details)
- Create an object
- Delete objects
Users can only edit, create or delete objects in the categories they have access to (this is defined by the roles).
No matter what access they have to a category, object owners can:
- Grant ownership to other users
- Edit the object, including deleting parts
- Change the category of the object
A new concept, which is still in planning, is the scope of information of a character or group. The idea is that not everybody can see everything in an object (persona or group). What if the relation between a PC and the archenemy is unknown to the other players? The scope can solve this, and the following scopes exist:
- public
- If you can see the object, you can view this
- protected
- Only the owner or users with proper access can see this information
- private
- Only the owner or users with proper access can see this information
Protected and private are different restriction levels. One use is to allow players to see more than the public part of the other PCs, while still not seeing private information. If more than one group of players exists (for large LARP games), this could be used to restrict access to subgroups of users (Camarilla characters can see protected parts of Camarilla PCs, but not of Sabbat). The difference between private and protected has more meaning in StorySGML. Personas that are members of a group can see protected information of that group. This is a way to limit access to information even in the static SGML files.
An example
As an example, let’s assume we have an Ars Magica Saga. We would need the following categories:
- PC (individual character)
- Grogs (these are PCs controlled by every player)
- NPC
- Hidden NPC
The following roles should be created:
- Players (all the players)
- Beta Story Guide (auxiliary referees)
- Alpha Story Guide (the main referee)
Now we define the access:
- Players (all the players)
- Can view public and protected information of PCs, can edit Grogs (and thus view everything about them), can see public parts of NPCs
- Beta Story Guide (auxiliary referees)
- Can edit everything in NPC, and see everything in Grogs and PC (but can’t edit them)
- Alpha Story Guide (the main referee)
- Can see everything, including hidden NPCs, and edit all but the PCs
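The Ars Magica access table above, written as a deny-by-default check (an added example, not StoryEdit code). It assumes the three scopes form an ordered ladder and that a role with no entry for a category cannot see objects in that category at all; the names ACCESS, visible_parts, can_edit and the sample objects are hypothetical.

```python
from dataclasses import dataclass, field

SCOPES = ("public", "protected", "private")  # assumed order: least to most restricted

# (role, category) -> (highest scope visible, may edit); a missing pair means no access
ACCESS = {
    ("Players", "PC"): ("protected", False),
    ("Players", "Grogs"): ("private", True),
    ("Players", "NPC"): ("public", False),
    ("Beta Story Guide", "NPC"): ("private", True),
    ("Beta Story Guide", "Grogs"): ("private", False),
    ("Beta Story Guide", "PC"): ("private", False),
    ("Alpha Story Guide", "PC"): ("private", False),
    ("Alpha Story Guide", "Grogs"): ("private", True),
    ("Alpha Story Guide", "NPC"): ("private", True),
    ("Alpha Story Guide", "Hidden NPC"): ("private", True),
}

@dataclass
class StoryObject:
    category: str
    parts: dict                              # part name -> scope of that part
    owners: set = field(default_factory=set)

def visible_parts(user, roles, obj):
    """Sorted part names `user` may read; an empty list means the object is hidden."""
    if user in obj.owners:                   # owners see their whole object
        return sorted(obj.parts)
    grants = [ACCESS[(r, obj.category)] for r in roles if (r, obj.category) in ACCESS]
    if not grants:                           # no role grants this category: invisible
        return []
    limit = max(SCOPES.index(scope) for scope, _ in grants)
    return sorted(p for p, s in obj.parts.items() if SCOPES.index(s) <= limit)

def can_edit(user, roles, obj):
    """Owners may always edit; otherwise some role must grant edit on the category."""
    return user in obj.owners or any(
        ACCESS.get((r, obj.category), (None, False))[1] for r in roles)

# Constructed sample objects: a PC owned by user "ana" and a still-hidden archenemy
pc = StoryObject("PC", {"description": "public", "goals": "protected",
                        "archenemy relation": "private"}, {"ana"})
villain = StoryObject("Hidden NPC", {"description": "public", "plans": "private"})
```

Revealing the archenemy later is a category change from "Hidden NPC" to "NPC", after which Players see only its public parts.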






Move discussion to Forum
I enabled the forum module, and moved this discussion to the forum on StorySGML/StoryEdit v1.x. We will follow there, and then write-up here.
Is protected enough?
I wonder because there might be multiple degrees of protection, so to speak. A group might know one thing about a character, and another group might know a different thing about the same character.
Time
I think we need another dimension: time
I mean, if something already occurred, it can't be modified, except by the Alpha Story guide. Then, even the owner of an object should not edit parts that are connected with events already played.
Of course there are items that do not need this dimension, and others will allow only additions, not modifications ...