simplex-chat icon indicating copy to clipboard operation
simplex-chat copied to clipboard
verified publisher icon simplex-chat

[Feature]: Better Roles and Permissions System for Groups

Open kevATin opened this issue 1 year ago • 1 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Platform

all

App version

No response

Feature

The current system is pretty limited and since support for bigger communities is planned I am hoping to see a more robust permission system. The following is my suggestion on how it could be handled.

Roles:

  • The pre-set default roles are Observer, Member, Admin, Owner
  • Users with the required permission can add, remove, and change the current roles
  • At least one role must always exist for each group
  • Each user must always belong to one role and it is not possible to hold multiple roles, because I do not think the system needs to be in-depth enough to handle inheritance
  • Users with the required permission can assign users to new roles (provided the user's priority is higher than the target user's)
  • Each role has a priority level (eg observer 1, member 5, admin 10, owner 50), which decides whether the user can enforce certain changes on another user like changing their role.
  • Consider: should the owner role always have the highest priority and have the permission to change roles hardcoded?

Permissions:

  • Each role has a list of defined permissions.
  • For simplicity the permission system should only be positive, so no subtractive permissions.
  • Potential permissions could be:
  • send_messages
  • send_images
  • send_videos
  • send_files
  • send_audio
  • send_disappearing_messages
  • send_direct_messages
  • delete_message_for_everyone
  • react_to_messages
  • pin_message
  • edit_message
  • view_history_before_joining (100 last messages)
  • view_messages (something that normally every member would have, but by not giving it to a role you could create a simple way for users to anonymously drop off feedback into a publicly accessible group with only the owners seeing it, and it becomes even more useful if communities get multiple channels with the ability to limit permissions per-channel)
  • view_images
  • view_videos
  • view_files
  • view_audio
  • change_group_name
  • change_group_description
  • change_group_image
  • change_group_welcome_message
  • change_group_roles
  • assign_role
  • etc

If communities with multiple channels are added then a normal permission could count for all channels, while a permission like "view_messages#private" could permit viewing the private channel. Though it would have to be kept in mind that in order for only that role to be able to see the private channel messages, none of the other roles must have the "view_messages" permission and instead each #channelname permission would have to be added manually for every role. A permission system that has a concept of a "default" and supports both positive as well as negative permissions would be easier to adjust, but probably more difficult to implement.

Will something like this be added in the future?

kevATin avatar Oct 20 '24 19:10 kevATin

The more granular the permissions the better. This is a good opportunity to catalyze adoption following the Telegram news. People are in search of a private messenger that accommodates large group use cases. Currently, effectively none do.

Please make reacting with emojis and sending a message 2 separate permissions. As in:

Allow some users to react with emojis BUT can’t send messages, and allow some users to send messages BUT can’t react to messages.

Bulking permissions together reduces use case. The more separated actions the better.

song-glitch avatar Oct 22 '24 23:10 song-glitch

There's a related issue here: https://github.com/simplex-chat/simplex-chat/issues/4943

For many groups, having people with the power to delete other people's messages presents a huge safety risk and it's extremely necessary to manage permissions so that nobody can do that.

ManyObjects avatar Nov 12 '24 21:11 ManyObjects