Capabilities based management of virtual areas
First Claim
1. A computer-implemented method in a network communications environment comprising a server node supporting realtime communications between client nodes of co-present communicants in a virtual area comprising virtual rooms, the method comprising by the server node:
- creating a capabilities engine to manage capabilities on behalf of communicants in the virtual area, and provide for each communicant a respective capability ring that stores the communicant'"'"'s persistent capabilities and transient capabilities that are granted as a result of applying capability rules to events;
monitoring states of a particular one of the virtual rooms as defined by a document object model (DOM) that represents a current state of the virtual area and comprises an occupancy attribute that provides an indication of occupancy in the particular virtual room;
dynamically updating the respective capability ring of the particular communicant based on changes in states of the communicants and the virtual rooms, wherein the dynamically updating comprisesbased on a permissions check by the capabilities engine against the respective capability ring of the particular communicant, determining that the particular virtual room is in a first state as defined by a first set of one or more values of the one or more attributes in the DOM model and automatically granting a respective transient capability to enter the particular virtual room to the particular communicant, andbased on a permissions check by the capabilities engine against the respective capability ring of the particular communicant, ascertaining that the particular virtual room is in a second state as defined by a second set of one or more values of the one or more virtual room attributes in the DOM model in which the value of the occupancy attribute is different from the value of the occupancy attribute in the first state and automatically revoking the capability to enter the particular virtual room from the particular communicant; and
administering one or more of the supported realtime communications between the client nodes of respective ones of the communicants who are co-present in respective ones of the virtual rooms.
0 Assignments
0 Petitions
Accused Products
Abstract
Apparatus and methods of managing a virtual area based on communicant capabilities are described. The communicant capabilities are updated based on rules in response to events in the virtual area. An action by one communicant can affect the capabilities of another communicant. Communicant capabilities can be stored in respective server-side proxies and the virtual area can be managed without transmitting any of the capabilities to the communicants'"'"' client nodes. Capability-based permissions checks can be performed against communicant capabilities with wildcarded attribute fields.
45 Citations
20 Claims
-
1. A computer-implemented method in a network communications environment comprising a server node supporting realtime communications between client nodes of co-present communicants in a virtual area comprising virtual rooms, the method comprising by the server node:
-
creating a capabilities engine to manage capabilities on behalf of communicants in the virtual area, and provide for each communicant a respective capability ring that stores the communicant'"'"'s persistent capabilities and transient capabilities that are granted as a result of applying capability rules to events; monitoring states of a particular one of the virtual rooms as defined by a document object model (DOM) that represents a current state of the virtual area and comprises an occupancy attribute that provides an indication of occupancy in the particular virtual room; dynamically updating the respective capability ring of the particular communicant based on changes in states of the communicants and the virtual rooms, wherein the dynamically updating comprises based on a permissions check by the capabilities engine against the respective capability ring of the particular communicant, determining that the particular virtual room is in a first state as defined by a first set of one or more values of the one or more attributes in the DOM model and automatically granting a respective transient capability to enter the particular virtual room to the particular communicant, and based on a permissions check by the capabilities engine against the respective capability ring of the particular communicant, ascertaining that the particular virtual room is in a second state as defined by a second set of one or more values of the one or more virtual room attributes in the DOM model in which the value of the occupancy attribute is different from the value of the occupancy attribute in the first state and automatically revoking the capability to enter the particular virtual room from the particular communicant; and administering one or more of the supported realtime communications between the client nodes of respective ones of the communicants who are co-present in respective ones of the virtual rooms. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. Apparatus in a network communications environment implemented by one or more server nodes and supporting realtime communications between client nodes of co-present communicants in virtual rooms that define respective communication contexts in the network communications environment, the apparatus comprising a non-transitory memory storing processor-readable instructions, and a processor coupled to the memory, operable to execute the instructions, and based at least in part on the execution of the instructions operable to perform operations comprising:
-
creating a capabilities engine to manage capabilities on behalf of communicants in the virtual area, and provide for each communicant a respective capability ring that stores the communicant'"'"'s persistent capabilities and transient capabilities that are granted as a result of applying capability rules to events; monitoring states of a particular one of the virtual rooms as defined by a document object model (DOM) that represents a current state of the virtual area and comprises an occupancy attribute that provides an indication of occupancy in the particular virtual room; dynamically updating the respective capability ring of the particular communicant based on changes in states of the communicants and the virtual rooms, wherein the dynamically updating comprises based on a permissions check by the capabilities engine against the respective capability ring of the particular communicant, determining that the particular virtual room is in a first state as defined by a first set of one or more values of the one or more attributes in the DOM model and automatically granting a respective transient capability to enter the particular virtual room to the particular communicant, and based on a permissions check by the capabilities engine against the respective capability ring of the particular communicant, ascertaining that the particular virtual room is in a second state as defined by a second set of one or more values of the one or more virtual room attributes in the DOM model in which the value of the occupancy attribute is different from the value of the occupancy attribute in the first state and automatically revoking the capability to enter the particular virtual room from the particular communicant; and administering one or more of the supported realtime communications between the client nodes of respective ones of the communicants who are co-present in respective ones of the virtual rooms. - View Dependent Claims (18)
-
-
19. A computer-readable data storage apparatus comprising a memory component storing executable instructions that are operable to be executed by a processor in a network communications environment comprising a network service implemented by one or more server nodes and supporting realtime communications between client nodes of co-present communicants in virtual rooms that define respective communication contexts in the network communications environment, wherein the memory component comprises:
-
executable instructions to create a capabilities engine to manage capabilities on behalf of communicants in the virtual area, and provide for each communicant a respective capability ring that stores the communicant'"'"'s persistent capabilities and transient capabilities that are granted as a result of applying capability rules to events; executable instructions to monitor states of a particular one of the virtual rooms as defined by a document object model (DOM) that represents a current state of the virtual area and comprises an occupancy attribute that provides an indication of occupancy in the particular virtual room; executable instructions to dynamically update the respective capability ring of the particular communicant based on changes in states of the communicants and the virtual rooms, wherein the dynamically updating comprises based on a permissions check by the capabilities engine against the respective capability ring of the particular communicant, determining that the particular virtual room is in a first state as defined by a first set of one or more values of the one or more attributes in the DOM model and automatically granting a respective transient capability to enter the particular virtual room to the particular communicant, and based on a permissions check by the capabilities engine against the respective capability ring of the particular communicant, ascertaining that the particular virtual room is in a second state as defined by a second set of one or more values of the one or more virtual room attributes in the DOM model in which the value of the occupancy attribute is different from the value of the occupancy attribute in the first state and automatically revoking the capability to enter the particular virtual room from the particular communicant; and executable instructions to administer one or more of the supported realtime communications between the client nodes of respective ones of the communicants who are co-present in respective ones of the virtual rooms. - View Dependent Claims (20)
-
Specification