You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A permission is a string (eg. 'command.echoRaw') that is either set, or not set, for a user, server, and user-server combo. Having a permission set grants that permission for the user on the given server.
Eg. on one discord server a user might have permission to view all reminders, but not on another. (does this make sense?) It would depend on the permission as to what its scope should be.
Commands can provide their own permissions, I guess in the format of command.<commandName>, or rely on other permissions (eg. admin).
Since identities are already associated with servers (this might be in the identities branch), an interface like user.hasPermission('ADMIN') or user.hasPermission('command.echoRaw') should be adequate.
Server permissions can be used to flag server abilities, eg. a minecraft might provide the server.minecraft permission, which would be required for the !fish command. It feels like a hack but the way permissions work would suit this pretty well.
This would mean that there are static and dynamic permissions. Static as in a server type provides a particular permission, and dynamic as in, one that is explicitly granted to a user (or server).
Not all users should be able to do all the things. At the very least, DashBot should respect server admin roles.
The text was updated successfully, but these errors were encountered: