Flexible Permissions System

[Arlodotexe]

Current State Comparison

Old Codebase

In our old codebase, we had hardcoded these rules for determining whether you can modify a project:

const userCanModify = isOwner || isLead || isSupport || isDev || isMod;
const userCanModifyDevs = isOwner || isLead || isSupport || isMod;
const userCanModifyLead = isOwner || isMod;

New Codebase

In our new codebase, the user isolation done by our Nomad repositories restricting modifications to only the owner and none else-- not the devs, not the leads, not even the community mods.

We'll need to address these one-by-one and determine whether it's still necessary, and if so, how we'll facilitate it.

Changes by Mods

It has been exceedingly rare for a moderator to need to edit a project, but it does happen.

Most of the time, the person who registered the project is the one to edit the project. On rare occasion, we run commands on behalf of the user(s) to help them out.

Most recently, this has only been necessary to correct when an Admin circumvents the project system by applying discord roles directly-- which most members cannot do.

It runs rarely otherwise, and will be needed less once we have slash commands. Still, we should consider adding it.

Changes to Leads/Devs

In the old codebase, the Developers on a project can be modified by:

• Owner
• Project leads
• Project support
• Mods

While the "Lead" on a project could only be modified by:

• Owner
• Mods

This meant that the owner or a mod could add a project lead and have them flesh and add dev roles on the owner's behalf.

This was a useful feature to have, and may be needed again.

As is, this could only be built on the Discord layer and doesn't make sense to build as an extension of our p2p SDK.