[Proposal] Clarify visibility of app data

[Evan Gilbert]

I don't believe OpenSocial has defined who can see your app data, and this can lead to information leaking via assumptions about the implementation across containers.

App data might be:

1. Public or visible to all users with the app installed (which is effectively public)
2. Private and only visible to the owner. This is very useful if implementations use app data to store user prefs.
3. Visible only to friends. Supporting this was an original goal of app data but seems to have never made it into the spec
   

Proposal:

• App data defaults to being public
  
• We add an additional parameter to support private app data, which is only visible to the owner of the app data.
• We don't support app data that is only visible to friends for now. I believe this would be really useful, but I don't think that containers would be prepared to implement it in a short term time frame.
• New version of http://code.google.com/apis/opensocial/docs/0.8/reference/#opensocial.DataRequest.newUpdatePersonAppDataRequest (new parts in bold)
  

Object newUpdatePersonAppDataRequest(id, key, value, opt_visibility)
Creates an item to request an update of an app field for the given person. When processed, does not return any data. Default visibility of app data is public, but you can set app data to be private and visible only to the owner.

Parameters:
String id - The ID of the person to update; only the special VIEWER ID is currently allowed.
String key - The name of the key. This may only contain alphanumeric (A-Za-z0-9) characters, underscore(_), dot(.) or dash(-).
Object value - The value, must be valid json
String opt_visibility. The visibility, one of "public", "private" (we can create enums for this)

Returns:
Object  A request object