Card permissions

•  Only those who can view a card should be able to perform any of the following acts on it: read, comment, delete
  
• delete option should not show up on User+*tform unless you can actually delete that card.
  

Personal Cards

(not documented)

Personal cards are junction cards that fit this pattern:

(some card) + (your User Card)

or any card joined to a personal card. These are the only cards where card permissions may be set to a user rather than a group. If you change a personal card's name such that it becomes a public card, its permissions will become the default permissions for a card of that type.

Future possibilities

• edit Server/Ruby cards -- could make these a global permission if there is a security-driven need (Not implementing now, but let's put a comment in the code where you have to go to turn on Server cards that for now, giving ability to "set permissions on all cards" opens this security hole. Are Ruby cards an issue this way too?)
• could handle extension-related permissions as role permissions or per-card/+*tform/+*form(?!), eg:
• new global permission: enjoy_full_permissions -- overrides all card-based permissions and lets you create, view, edit, and delete any card. (??)
• Group cards. (some card + Role card). Roles extensions might be expanded to include moderators, owners, etc..
• get rid of administrative user? make it a special user, not a special role?

possible name changes: Role --> group. Administrative User --> Root