Programming

Tagging is Not Just for Content

    James Edwards
    Share

    We all know what tags are in web terms, right? (If not, check out this Wikipedia article on the subject.) Tags are almost exclusively used to associate subject matter with content; you tag something like a photo or a blog post with a number of keywords that describe it, so that you can build semantic relationships — search criteria, content-by-subject lists, that kind of thing.

    But it occurred to me that tagging can also be used as the basis of an authentication system. (To give props — I came up with this idea a while ago but I didn’t think of it in terms of tagging; it was Lachlan Hardy who made that connection for me.)

    The idea is very simple: you create a system in which you define a number of tags that indicate permission groups, so you might have tags like guest, friend, moderator and me. Individual users also have one or more tags associated with their user account.

    Then for each piece of content, you assign tags that indicate who’s allowed to see it — if a post is tagged me, moderator then only you and mods can see it. Or to put it more generally, whenever a permission tag for a piece of content and a permission tags for a user coincide, that user is allowed to see that content.

    The real point here is that it’s infinitely extensible. You can define any number of tags — from tags that apply to everyone, right down to individual users — and create a user/permissions system that’s as granular as you need. (One of the problems with XFN is that it’s too broad — I can’t encompass all my personal relationships as friend or acquaintance.)

    You could describe this as a kind of role-based authentication, and in those terms it’s not a new idea; you might also see it as inverted role-based authentication — instead of defining user groups that have attributes (such as the member groups in vBulletin), we’re defining attributes directly, and therefore bypassing the need to define groups. Either way, by putting it in terms of tagging it somehow seemed more interesting, and more relevant to modern web development practices.

    And it makes me wonder — where else could we extend the idea of tagging, beyond its current uses? Let me know your thoughts in the comments.

    Image credit: juandesant