Discord is a great platform for creating large communities of likeminded people all over the world. These communities, or "servers", can be of varying sizes - from a small group of firiends, to an official game server.
In the former case, a server with friends does not need to worry so much about the permissions that everyone has - people can mess about for a laugh, but the main use of the server is just to talk to friends. However, for the larger servers, such as clan servers and official game servers, a rigorous permissions system is required to ensure that people do not overstep their bounds and wreak havoc on the members. The main issue with this, and the point of this proposal, is that server owners have to worry more about permission abuse than permission mis-management. The distinction here being that abuse comes about when a member has too much permission at their level, and mis-management is a server management failure.
1: The Current Situation
Currently in Discord, permissions are very simple. A permission for managing messages exists with the ability to delete and pin messages. A permission for managing roles exists with the ability to add, remove and edit the roles of any user below them. There is a basic hierarchy which can be totally ignored if someone has the Administrator role. There is no inheritance system which can make setting up roles correctly much harder, and makes role lists sprawling and complex. And last but not least, the "Manage @everyone, @here and All Roles" permission is all bound to the same thing.
The issue is a fairly easy one to understand - the system is too simple. There are multiple different permissions in each option, which is an affront to user experience design and a total failure to the security and prosperity of servers. For example, "Manage Messages" gives me pin permission but also delete permission. While I can see these are both examples of someone managing a message, what if I want to give certain members the ability to pin but not delete messages? This would require the use of a custom bot, totally circumventing the permissions system altogether.
However, the simplicity of the system is also a boon; for smaller servers or even servers with inexperienced admins/owners, having a simple system is preferable to sprawling menus and fine-tuning each option.
2: The Solution
The solution, then, is to create a new permissions system entirely, with a focus on both organisation of permissions and the depth of control users have. Below I have laid out both a tree of most of the expected features and a potential layout, as well as a UI example of how this could be implemented.
• ├── Manage Messages │ ├── Pin Messages │ └── Delete Messages ├── Manage Members │ ├── Kick Members │ ├── Ban Members │ ├── Mute Members │ │ ├── Text Chat │ │ └── Voice Chat │ ├── Move Members │ ├── Disconnect Members │ ├── Deafen Members │ └── Nicknames │ ├── Change Own Nickname │ └── Change Others Nicknames ├── Manage Server │ ├── Change Server Name │ ├── Change Server Icon │ ├── Change Server Region │ ├── Change Server Banner │ ├── Change Server Invite Splash Screen │ └── ├── Manage Roles │ ├── Add New Role │ ├── Delete Role │ ├── Edit Role Settings │ │ ├── Edit Role Name │ │ ├── Edit Role colour │ │ └── Edit Role Permissions │ ├── Grant Roles │ └── Revoke Roles ├── Manage Channels │ ├── Create New Channel │ ├── Move Channel │ ├── Edit Channel │ │ ├── Edit Channel Name │ │ └── Edit Channel Permissions │ └── Delete Channel ├── Create Invite │ ├── Maximum Invited User Limit │ └── Maximum Invite Validity Duration ├── Manage Emoji │ ├── Add emoji │ ├── Rename Emoji │ └── Delete Emoji ├── Manage Webhooks │ ├── Add Webhook │ ├── Edit Webhook │ └── Delete Webhook ├── Channel Visibility and Connectivity │ ├── See Text and Voice Channels │ ├── Send Messages In Text Channels │ ├── Connect to Voice Channels │ └── Speak in Voice Channels ├── Text Chat Content Permissions │ ├── Send Embeds │ ├── Send Files │ ├── Send TTS Messages │ ├── Use External Emojis │ └── Add Reactions ├── Video Chat Content Permissions ├── Use Video Chat │ ├── Go Live │ └── Webcam │ └── Priority speaker ├── View Audit Log └── ADMINISTRATOR
I tried my best here to reconstruct the Discord UI and then add my own elements. As we can see, the majority of the content is the same, with the exception of the added control and organisational elements. Each group of permissions is bundled into a toggleable "folder" to hide and show the elements you need and de-clutter the window.
The toggle switches make a return, and for added control I've included checkmark boxes for toggling different options under a main feature - for example "Mute Members" has a "Mute Text" and "Mute Voice" option which can be toggled independently. In this case if one were to un-toggle the main "Mute Members" permission, both would be disabled.
I didn't create the entire tree since this would take a while and I've already been at this for just under 4 hours now, but hopefully it gives a brief idea. The main takeaway is that the system needs more options, not just a one size fits all solution to permissions which either give too much or too little power to users. In the old system, having a "helper" role to pin messages and move channels around would be possible, but the helper users would then have the ability to delete and create channels as well, something that may lead to abuse. In my proposed redesign, the only time the helper role would be able to do this would be when the admins explicitly allow it.
Of particular note, and a major new feature, is the Target Matrix. Yes, it sounds like something out of Star Wars, but it is in fact a neat way of ensuring that only certain users can target certain others. For example, as it stands right now anyone with the permission to edit roles can edit literally everyone's roles, with the caveat that they can't touch roles higher than them. This might still lead to unintended abuse however, so explicitly stopping Mods from being able to target Admins, for example, would fix this issue.
3: TLDR and Conclusion
The TLDR is basically to break up permissions and organise them better so that admins can, for example, let a role create voice channels but not delete them. This would save a lot of admins much headache as well as improve the operational trust and efficiency of a larger server.
Thank you for your consideration! If you'd like more mock-ups of the UI or have comments and questions about the idea, please let me know in the comments :)
Please sign in to leave a comment.