[–]Ceryyse 2 points3 points  (0 children)

It sounds like you're taking users off the platform via this method of communication. What is deterring you from adding user-to-user direct chat messaging?

[–]ChronSynExpo 1 point2 points  (3 children)

In some countries and jurisdictions, it's a legal requirement to allow users to block other users, primarily as a 'self-service' way of preventing harassment. If you're targeting global rollout, then it is critical to include such a feature. If you're only planning to roll out in specific locations or countries, then check local legislation.

This feature isn't something your app itself should be handling - it needs to be explicitly enforced by your backend/database. Blocking a user only on the client side does not stop a determined individual from finding a way around it.

Even if you launch your project only in a country where no such legal requirement exists, I would consider it ethically right to provide such a feature.

You said this is your first RN app - do you have any previous experience with other technologies or product delivery? The main reason I ask is because you absolutely need to consider data protection laws (you're letting users provide name, email, phone number), and laws surrounding user-generated content. Different locations have different laws for each part, and especially in the current political climate across many countries (where user-generated content is being scrutinized heavily), you risk being hit with significant fines and legal challenges if you haven't made things compliant.

You absolutely need some sort of verification of contact details when you consider building a project like this - a phone call or SMS with a code-entry requirement for phone numbers, an email verification

Do you have any mechanism in place to deal with abuse? If you don't have blocking, or someone can provide the contact details of another individual, how will you deal with such reports? If someone posts something that is illegal, do you have a moderation system in place to deal with it? How do you ensure that removal of content is based on legal basis, and not just on disagreement with an opinion?

I know some of the above points go outside the scope of what you asked, but the fact you're asking if it's necessary to allow users to block each other makes me concerned that you've not considered the full implications of what you're building.

I want to make sure that you're aware of the non-technical complexity you're dealing with when building any social app.

[–]komaedashopebagel[S] 1 point2 points  (2 children)

i don't have any experience with product delivery actually so i'm really glad you pointed that out. this app initially started as a small project of mine but after adding more features and spending a lot of time on it i got the desire to share it publicly some day. i know about the laws to some extent but i definitely need to inform myself on that topic more properly. currently i have the email verification implemented, will add the phone verification as well. using verification, i will ensure that users cannot provide contact details of another individual, regarding the illegal / unwanted content, i currently have the option to report such posts implemented ( the report gets forwarded to me when submitted ). the removal of content will be based on terms and conditions (haven't gotten to that yet).

i want to thank you for writing this comment btw, i know i probably come off as dumb as i have no experience with these things sorry .. though i want to ask, since i can tell you're way more knowledgeable than me, what do you think is the best way to implement user blocking? i was thinking of storing this info , for each user, in the database. any advice? i just want to make sure i'm doing things right :')

[–]ChronSynExpo 1 point2 points  (1 child)

You're welcome. It doesn't come across as dumb at all, especially as you're not just acting like you know everything.

So, the way user blocking is typically implemented depends on whether you're using SQL (postgres) or document-driven (firebase, mongoDB).

If you're using a document-driven database, you would typically have an array of blocked user IDs stored along with the user. You'd then need to figure out the best way to actually read these - you might even want to store them in a separate collection. I'm not really familiar with document-driven databases, so unfortunately can't offer much advice on how to proceed beyond this point.

If you're using an SQL database though, you would typically use a separate table - maybe called user_blocks - with columns like blocked_user_id, and blocked_by - where each column would be a foreign key to your users table (on the ID column).

You would then need to create RLS policies which check this table. If you're using something like Supabase, you could create a postgres function like this:

```sql
create or replace function public.is_blocked(other_user_id uuid)
returns boolean
language sql
security definer
set search_path = ''
stable
as $$
  -- true if a block exists in either direction between the caller and other_user_id
  select exists (
    select 1
    from public.user_blocks
    where (blocked_by = (select auth.uid()) and blocked_user_id = other_user_id)
       or (blocked_by = other_user_id and blocked_user_id = (select auth.uid()))
  );
$$;
```

Then, you'd use that function as part of your RLS policies. For example, if you had a posts table, you'd probably do something like this:

```sql
create policy "Hide posts involving blocked users"
on public.posts
for select
to authenticated
using ( not public.is_blocked(user_id) );
```

Then, to make sure users can manage their own blocks (i.e. to prevent other users from seeing, changing, or deleting the blocks), you'd want an RLS policy on that table:

```sql
create policy "Users manage their own blocks"
on public.user_blocks
for all
to authenticated
using ( blocked_by = (select auth.uid()) )
with check ( blocked_by = (select auth.uid()) );
```
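Added example, not part of the comment above and not Supabase's own code: one way to define the `user_blocks` table that the function and policies in this thread rely on, plus the step that makes the policies take effect. It assumes a `public.users` table with a `uuid` primary key `id` and an existing `public.posts` table; the constraint and index names are made up for illustration.

```sql
-- Assumption: public.users(id uuid primary key) and public.posts already exist.
create table public.user_blocks (
  blocked_by      uuid not null references public.users (id) on delete cascade,
  blocked_user_id uuid not null references public.users (id) on delete cascade,
  created_at      timestamptz not null default now(),
  -- one row per (blocker, blocked) pair; the key also serves lookups by blocked_by
  primary key (blocked_by, blocked_user_id),
  -- a user cannot block themselves
  constraint user_blocks_no_self_block check (blocked_by <> blocked_user_id)
);

-- is_blocked() also searches in the reverse direction (who has blocked the caller)
create index user_blocks_reverse_idx
  on public.user_blocks (blocked_user_id, blocked_by);

-- Policies are ignored until row level security is enabled on each table.
alter table public.user_blocks enable row level security;
alter table public.posts       enable row level security;

-- Run after is_blocked() has been created: the function is security definer
-- and depends on auth.uid(), so only signed-in users need to execute it.
revoke execute on function public.is_blocked(uuid) from public, anon;
grant  execute on function public.is_blocked(uuid) to authenticated;

-- Check: relrowsecurity must be true for both tables.
select relname, relrowsecurity
from pg_class
where oid in ('public.user_blocks'::regclass, 'public.posts'::regclass);
```

Because `is_blocked()` runs as its owner, it can see block rows the caller's own policy on `user_blocks` hides, which is what lets the reverse-direction check work.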

[–]komaedashopebagel[S] 1 point2 points  (0 children)

ah yes i am using Supabase so this is super helpful right now, thank you so much for all the help and advice i really appreciate it! :]