matrix-spec-proposals
matrix-spec-proposals copied to clipboard
matrix-org
[WIP] MSC2812: Role-based power/permissions
As far as I understand it, this proposal for role-based permissions would be similar to the current power level system in that it only defines permissions in a single given room at a time.
I am not savvy enough to answer this question by my own research, but would this proposal be flexible enough in its implementation to be expanded upon to create a multi-room role system? Such a system would allow for unified roles and permissions for a whole community/group (not sure the preferred nomenclature at this point) or homeserver, for example, which I think is an important feature as it mirrors real-life community (peoples' identities and privileges carry over from place to place within a given community). I could see some potential messiness with this approach (for example, if a single room was part of two separate communities), but I think it's an important feature that would be needed if the Discord crowd, among others, is to switch to Matrix.
@squarepupil that all would be explicitly out of scope of this whole MSC - the communities MSC would have to figure out how roles work, but may very well use this MSC as a base.
This will be useful to create a governance structure that involves some moderators that are not allowed to post on their own but moderate others' posts.
Maybe it could make sense to just add all permissions of all roles (this would make the order arbitrary and reduce complexity) and then combine it with the Telegram approach of "restrictions" for specific users.
This would mean that roles just give permissions (which makes sense from a human standpoint - why should I have less permissions when I get another role?) and at the end some permissions can be restricted away with a restriction. This restriction can also contain a reason text. I.e. a user can be restricted of sending picture messages and the reason could be "You sent nsfw pictures. See our rules [link to the rules]".
This would also open a whole lot of opportunities. I.e. bots could automatically restrict new users from sending messages and add a reason with a link to the rules. Clicking this link and accepting the rules will then trigger the bot to lift the restrictions. Also then there is another reaction to rule violations then kicking/banning: A bot could restrict a user for a limited time (and maybe for a limited set of features) while also telling the user WHY he was restricted. Then the bot could lift the restiction again after some time. Alternatively the restriction could be given an expiry date.
This restriction can also contain a reason text
I don't think mixing moderation and permissions concepts in a single system is a good idea. This can be done in practice (e.g. if you are being unruly you get a muted role and a warning message from a moderator), but attaching a warning message to the muted role would mean potentially keeping track of every punishment separately. What you're describing would be more suitable for a moderation system which documents the user in question, the moderator, the infraction, and the action taken, where that action could be that they were muted or they were restricted from sending images.
This would mean that roles just give permissions (which makes sense from a human standpoint - why should I have less permissions when I get another role?) and at the end some permissions can be restricted away with a restriction.
I would argue that adding a role means permissions taken away would make sense from a human standpoint much in the same way that you can be given a speeding ticket and now be out something you weren't before.
This is where the tristate we were discussing earlier comes in. It allows you to do what you were proposing - removing permissions through restrictions - through the role system. So my mute role, for instance, could deny permissions to send messages, upload images, and add reactions, which could then be awarded to people (manually or through a bot or separate moderation system) through or as the result of an infraction.
I'm going to drop what I think here, ok?
I do like the power level system a lot, so I would like to propose a kind of hybrid model, merging both roles and power levels.
That would turn power levels into roles representations, for example, if we have the moderator role, we list it as power level 50 (the moderator role itself contains all of the actions that a moderator can do like ban, kick...), the same with an Admin (power 100) the only difference is that the Admin would have (by default) all possible actions and tools available.
We obviously would include a "Custom" option which shouldn't have a power level associated to it, just that the user/Admin can choose what actions that custom role can do.
fyi for subscribers: This MSC is effectively replaced by another WIP MSC: https://github.com/matrix-org/matrix-spec-proposals/pull/4056