Granting permission to act on behalf of a user in a social networking system
First Claim
1. A method comprising:
- storing, in an online system, data describing an organization, wherein the data describing the organization identifies one or more assets maintained by the online system and associated with the organization, each asset associated with a type of asset that is selected from a group of types of assets consisting of;
a page, an advertising account, a source of funding, a list identifying one or more users of the online system, an application, and an event, wherein each type of asset is associated, respectively, with one or more roles that identify one or more actions a user is authorized to perform on behalf of the organization;
receiving, by the online system, a request from a first client device associated with the organization, the request to associate a role with the user of the online system, the role identifying an action the user is authorized to perform on behalf of the organization for a first asset of the one or more assets;
determining, by the online system, a type of the first asset;
determining, by the online system, whether to associate the role with the user according to a connection between the user and the organization maintained by the online system and the determined type of the first asset;
responsive to determining to associate the role with the user;
determining, by the online system, one or more permissions enabling the user to perform the action identified by the role with the connection between the user and the organization, the role determined to be associated according to the determined type of the first asset, determining the one or more permissions comprises;
generating a first persona associated with the user, the first persona including a first subset of information associated with the user by the online system,generating a second persona associated with the user, the second persona including a second subset of information associated with the user by the online system,establishing a connection between the organization and the first persona,establishing a connection between another organization and the second persona,providing the first client device associated with the organization access to the first subset of the information associated with the user included in the first persona, andpreventing the first client device associated with the organization access to the second subset of the information associated with the user included in the second persona, andstoring information describing the one or more permissions enabling the user to perform the action identified by the role in association with the connection between the organization and the first persona;
receiving, from a second client device associated with the user, a user request of the user to perform the action identified by the role associated with the determined type of the first asset; and
authorizing the second client device associated with the user to perform the action according to the information describing the one or more permissions.
3 Assignments
0 Petitions
Accused Products
Abstract
A social networking system allows entities to delegate actions performed on behalf of the entity to social networking system users by assigning one or more roles to social networking system users. Roles may be assigned based on information associated with the entity by the social networking system. Different roles are associated with sets of permissions specifying actions a user associated with a role is authorized to perform on behalf of the entity via the social networking system. Certain permissions of a role associated with the user may be associated with additional users by the user. A persona including a subset of information associated with a user by the social networking system may be created for a user assigned a role, allowing the user to limit information accessible to additional users connected to the persona.
-
Citations
15 Claims
-
1. A method comprising:
-
storing, in an online system, data describing an organization, wherein the data describing the organization identifies one or more assets maintained by the online system and associated with the organization, each asset associated with a type of asset that is selected from a group of types of assets consisting of;
a page, an advertising account, a source of funding, a list identifying one or more users of the online system, an application, and an event, wherein each type of asset is associated, respectively, with one or more roles that identify one or more actions a user is authorized to perform on behalf of the organization;receiving, by the online system, a request from a first client device associated with the organization, the request to associate a role with the user of the online system, the role identifying an action the user is authorized to perform on behalf of the organization for a first asset of the one or more assets; determining, by the online system, a type of the first asset; determining, by the online system, whether to associate the role with the user according to a connection between the user and the organization maintained by the online system and the determined type of the first asset; responsive to determining to associate the role with the user; determining, by the online system, one or more permissions enabling the user to perform the action identified by the role with the connection between the user and the organization, the role determined to be associated according to the determined type of the first asset, determining the one or more permissions comprises; generating a first persona associated with the user, the first persona including a first subset of information associated with the user by the online system, generating a second persona associated with the user, the second persona including a second subset of information associated with the user by the online system, establishing a connection between the organization and the first persona, establishing a connection between another organization and the second persona, providing the first client device associated with the organization access to the first subset of the information associated with the user included in the first persona, and preventing the first client device associated with the organization access to the second subset of the information associated with the user included in the second persona, and storing information describing the one or more permissions enabling the user to perform the action identified by the role in association with the connection between the organization and the first persona; receiving, from a second client device associated with the user, a user request of the user to perform the action identified by the role associated with the determined type of the first asset; and authorizing the second client device associated with the user to perform the action according to the information describing the one or more permissions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method comprising:
-
storing, in an online system, data describing an organization, wherein the data describing the organization identifies one or more assets maintained by the online system and associated with the organization, each asset associated with a type of asset that is selected from a group of types of assets consisting of;
a page, an advertising account, a source of funding, a list identifying one or more users of the online system, an application, and an event, wherein each type of asset is associated, respectively, with one or more roles that identify one or more actions a user is authorized to perform on behalf of the organization;receiving, by the online system, a request from a first client device associated with the user, the request to associate a role with the user of the online system, the role identifying an action the user is authorized to perform on behalf of the organization for a first asset of the one or more assets; determining, by the online system, a type of the first asset; determining, by the online system, whether to associate the role with the user according to a connection between the user and the organization maintained by the online system and the determined type of the first asset; responsive to determining to associate the role with the user; determining, by the online system, one or more permissions enabling the user to perform the action identified by the role with the connection between the user and the organization, the role determined to be associated according to the determined type of the first asset, determining the one or more permissions comprises; generating a first persona associated with the user, the first persona including a first subset of information associated with the user by the online system, generating a second persona associated with the user, the second persona including a second subset of information associated with the user by the online system, establishing a connection between the organization and the first persona, establishing a connection between another organization and the second persona, providing a second client device associated with the organization access to the first subset of the information associated with the user included in the first persona, and preventing the second client device associated with the organization access to the second subset of the information associated with the user included in the second persona, and storing information describing the one or more permissions enabling the user to perform the action identified by the role in association with the connection between the organization and the first persona; receiving, from the first client device associated with the user, a user request of the user to perform the action identified by the role associated with the type of the first asset; and authorizing the first client device associated with the user to perform the action according to the information describing the one or more permissions. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable storage medium having instructions encoded thereon that, when executed by a processor of an online system, cause the processor to:
-
store, in the online system, data describing a user, the data identifying one or more assets associated with the user, each asset associated with a type, wherein the data describing the user identifies one or more assets maintained by the online system and associated with the user, each asset associated with a type of asset that is selected from a group of types of assets consisting of;
a page, an advertising account, a source of funding, a list identifying one or more users of the online system, an application, and an event, wherein each type of asset is associated, respectively, with one or more roles that identify one or more actions a target user is authorized to perform on behalf of the user;receive, by the online system, a request from a first client device associated with a requesting user, the request to associate a role with the target user of the online system, the role associated with an asset and identifying an action the target user is authorized to perform on behalf of the user for a first asset of the one or more assets; determine, by the online system, a type of the first asset; determine, by the online system, whether to associate the role with the target user according to a connection between the target user and the user maintained by the online system and the determined type of the first asset; responsive to determining to associate the role with the target user; determine, by the online system, one or more permissions in association with the connection between the target user and the user, the one or more permissions associated with the determined type of the first asset and enabling the target user to perform the action identified by the role, the role determined to be associated according to the determined type of the first asset, determining the one or more permissions comprises; generating, by the online system, a first persona associated with the target user, the first persona including a first subset of information associated with the target user by the online system, generating, by the online system, a second persona associated with the target user, the second persona including a second subset of information associated with the target user by the online system, establishing, by the online system, a connection between the user and the first persona, establishing, by the online system, a connection between another user and the second persona, providing, by the online system, a second client device associated with the user access to the first subset of the information associated with the target user included in the first persona, and preventing, by the online system, the second client device associated with the user access to the second subset of the information associated with the target user included in the second persona, and store, by the online system, information describing the one or more permissions enabling the target user to perform the action identified by the role in association with the connection between the user and the first persona; receive, from a third client device associated with the target user, a user request of the target user to perform the action identified by the role associated with the type of the first asset; and authorize the third client device associated with the target user to perform the action according to the information describing the one or more permissions.
-
Specification