Once a web-based product reaches a certain level of maturity, the question of access control rears its head. Say you are making a resource available – who has access to see it? who has access to edit it?
There are two rough categories of solutions to this problem. The first more techie and complex solution is: “let the user decide everything”. Lets say you can perform different operations on a resource (edit, copy, share,..) – the user will decide what level of access each user or group of users gets. This quickly evolves into complex feature lists, each individually controlled by toggling it on or off for complex user hierarchy and groups. A sample of this is live in your desktop operating system:
The file permission dialog box in windows includes seven different feature toggles, and this is just in the “simplified” control. The horrors lie dormant under an innocent “advanced” button.
On the other hand lies a philosophy of setting several pre-prepared classes of access and letting the user pick one. For example: share by allowing public access, shared-key access (access only to people who know something) or completely private. A nice example of this is the Picasa picture album settings tab.
In these products, you can select to share with the: world (no control) friends (only people who have, say, a link) or nobody (private).
Over the course of a typical product lifetime, where access control is a feature, the pull towards “feature toggles” exists, and is sometimes very tempting. Beware! once you go that way, you can’t go back – the “advanced” button will always be there to be misunderstood.
A nice approach by some other applications – Facebook, for example, is letting you create lists for each of the pre-set permission (in facebook, the permission is either to share or not to share). This is a nice solution that approaches the problem from the customers point of view: “I want to share with the world… except my mother :-) “
My experience shows that even if customers initially demand complex feature toggles, after some use they grow to appreciate the simplicity of a small set of predefined access classes.