Permissions

Bot

When the bot is planned to be added to a server, it will display a modal similar to the one below when you use the invite link for the bot (after you've initially selected what server you want to add it in):

The given permissions that you need to invite the bot with are the ones that will allow all of its functionality to be available to you. You're free to disable these permissions after inviting the bot, but please don't remove them from this modal. If you disable a bot permission, you need to make sure that you disable either the individual command(s) relating to that permission or the whole module if you're not using any bot feature relying on that permission.

Please note that the !announce command in the bot does not require the "Mention everyone/here/All Roles" permission to be enabled. Currently, it will enable the role to be mentionable, send the message and then turn off mentionability. Even if this functionality changes, the permission to mention everyone will not be requested. You will need to enable this yourself if you want it.

Dashboard

Permissions are a way for the dashboard to make sure that you're only able to do the things that you need to do. There are many permissions and each permission setting controls what features you can access for a guild config.

It should be noted there are usergroups on the Dashboard. However, with the exception of bot development staff, these won't have an effect on your use of anything. Nearly everyone will be a User of the dashboard.

Some of these permissions are tied to roles on the support server. It is noted by a hint as to which ones these are. Such roles are granted only once: that is, as long as you have the permission in question for one guild, you gain the role associated to the permission.

Guild Owner

By default, the owner of the server (this is the user with a crown icon in Server Settings -> Members) will be able to control who can do things with the guild configuration. Owners have no access grant requirements as, by default, they will be able to access all pages associated to that guild by virtue of being the owner.

In a newly invited guild, only the official owner can change user access rights for their guild. In some cases, where the owner is inactive or delegating responsibility to someone else, the bot development staff can grant permissions, but only where approval has been sought and granted by the server owner. Guild Ownership permissions are non-transferrable on the dashboard: that is, the permission level granted to owners are not addable to others.

If the guild owner chooses to transfer ownership of their guild to someone else, the guild ownership permissions will automatically apply to the new owner: the previous owner will automatically lose them.

Config Management

View Config

The view config permission allows the requisite user to read (but not edit) the bot configuration for the guild. This can sometimes be useful if you want admins to understand your config and suggest changes but without actually editing it. It can also help if you are sharing your config with other bot users so they can understand how you've configured the bot in your guild, giving them ideas for how to set it up in their own guild.

When a user has View Config, they will be able to view the config and the history changes to it. However, the text editor is disabled and they won't be able to view the particulars of any history log entries.

Edit Config

The edit config permission allows the requisite user to read and edit the bot configuration for the guild. With this, the user has the ability to configure the bot in every possible way, so care should be taken with who has access to edit the config.

If someone has both view and edit config permissions, then edit config supercedes the view config permission. Editors can also view the particulars of the history log, allowing them to audit the changes made by other editors if needed.

Manage Access

It's all fine and well having permissions, but it doesn't help anyone if users are not able to gain access to these things. Manage Access is the permission that allows someone to be able to change user rights in a guild, making it possible for other users to get the same permission. Because of the power of this permission, it has deliberate limitations in place:

• If a user isn't a bot developer or the guild owner, they cannot grant Manage Access to anyone else. This is to prevent a user from granting randoms the same ability to manage accesses, which could lead to rapid issues with malicious actors then able to be invited.

• You can never manage your own access rights. If you try, you are given a warning message. This is to prevent you locking yourself out of your account by mistake, or allowing you to escalate your own permissions for malicious reasons.

• You can never manage the access rights of the guild owner. As they already have all permissions, creating permission records for them is pointless.

• You can never grant permissions to another user that you don't already have. To explain this: if you have View Config and View Infractions, but no other permission, you can only grant others these permissions. This is to prevent a bad actor from potentially granting random permissions to others, like edit config, while not actually having that perm, potentially leading to alts being abused to corrupt guild configs.

If you are unable to change a permission, it is greyed out and a tooltip will be displayed indicating that you don't have this permission. The backend also ensures you cannot grant such permissions that you don't have, to prevent anyone trying to abuse the HTML console in a browser.

Other Permissions

Manage RankBot

This is a meta permission for being able to access the configuration file for RankBot if you're using that bot on your server. This will have no effect if the bot was never added to your discord, instead it will just lead the user to an error screen about a missing file.

View Archives

So you have a bunch of manually or automatically generated text archives being created for your guild. Great, but you'll go to the url and find you can't read anything. This permission grants the user the ability to read these archives. Please note the permission is per-guild: this means that you can only read archives for guilds where you have permission. This is for privacy reasons.

View Infractions

This permission allows the user to view all of the infractions ever given in the guild. This makes it more useful than !inf search, which only allows you to get infraction data for a specific person. You can filter the data here based on the action, the target user (either their name or their ID) or the issuing moderator.

View Reaction Roles

This permission allows the user to manage the Reaction Roles functionality. This has no meaning if the Reaction Roles feature is disabled in the configuration.