Admin who created site has trust level 0?


(James Kiesel) #1

I’ve been getting a couple plugin-related bug reports recently related to the fact that the admin created with the site (the one with the email you enter during the setup process) has trust level 0 upon creation.

Some momentary digging didn’t lead me to the place where that user is created, but it seems fairly reasonable to me that the person who sets up the site should initially be TL4, in addition to an admin.


(Jeff Atwood) #2

Why does it matter? The presence of the admin boolean supersedes all other privileges, by far.


(James Kiesel) #3

It wouldn’t bother me too much either, but in the past week I’ve had a pair of user reports and whiled away some hours myself trying to figure out why only my admin account was having trouble.

As a plugin author, it’s very easy to write something like this:

# who should be able to receive chat messages?
User.where('trust_level > ?', SiteSetting.min_trust_to_send_personal_messages)

or as a badge query writer:

# who should get the 'Lurker' badge?
User.where('trust_level < 2').where('created_at > ?', 2.months.ago)

or, as an absent-minded admin:

# Crap, I was flooded with spammers on my new forum, I should get rid of them
User.where(trust_level: 0).update(deleted_at: 0.days.ago)

when those actually need to read:

User.where('trust_level < ? AND NOT admin', 2)

each time because of an odd (but very important!) corner case.

I’d also argue that there’s probably some unexpected behaviour buried in the core app because of this, for example a couple minutes of sniffing around led me to believe that anonymous users would be restricted from seeing the admin’s user fields because of her low trust level:

# user_guardian.rb
def restrict_user_fields?(user)
  user.trust_level == TrustLevel[0] && anonymous?
end

whereas a ‘regular’ admin would have her fields visible.

Or, another example, until you naturally reach TL3, your flags don’t count when determining whether to auto-silence a person:

# auto_silence.rb
def num_tl3_flags_against_user
  PostAction.joins(:user).where('users.trust_level >= ?', 3).count
end

Or that the site admin will have links from their bio excerpt stripped until they hit TL1:

# user_profile.rb
def bio_excerpt(length = 350, opts = {})
  ...
  return excerpt if user.has_trust_level?(TrustLevel[1]) && !user.suspended?
  PrettyText.strip_links(excerpt)
end

Not that these are show-stoppers or even common occurrences (it’s not that hard to get to TL2 when you’re the admin), but I think it does introduce potential behaviour that’s unexpected, that conceptually the site-created admin should be granted all the trust in the world (they’re the boss!), that there are likely more examples in core (and perhaps in other plugins) of this kind of discrepancy, and that it’s likely a simple change in the wizard to fix.
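
The corner case described in post #3, as an added example that is not part of the original posts or of Discourse's code: plain Ruby stands in for the ActiveRecord queries, comparing trust-level filters with and without the admin override and adding a guard for bulk destructive actions. `User`, `USERS`, `MAX_TRUST_LEVEL` and all helper names are hypothetical, the sample accounts are constructed, and TL4 is assumed to be the highest level.

```ruby
# Added example: plain Ruby standing in for the ActiveRecord queries in the thread.
# User, USERS and every helper name here are constructed for illustration.
User = Struct.new(:name, :trust_level, :admin, keyword_init: true)

MAX_TRUST_LEVEL = 4 # assumption: TL4 is the top level

# The admin flag overrides the stored trust_level column in comparisons.
def effective_trust_level(user)
  user.admin ? MAX_TRUST_LEVEL : user.trust_level
end

def level_of(user, admin_aware)
  admin_aware ? effective_trust_level(user) : user.trust_level
end

# Mirrors 'trust_level > ?' (the chat-recipient query).
def trust_above(users, min, admin_aware:)
  users.select { |u| level_of(u, admin_aware) > min }
end

# Mirrors 'trust_level < ?' (the badge and spam-cleanup queries).
def trust_below(users, limit, admin_aware:)
  users.select { |u| level_of(u, admin_aware) < limit }
end

# Guard for bulk destructive actions: refuse a selection that contains an admin.
def guard_bulk_action!(selection)
  admins = selection.select(&:admin).map(&:name)
  raise ArgumentError, "selection includes admins: #{admins.join(', ')}" unless admins.empty?
  selection
end

USERS = [
  User.new(name: "site_owner", trust_level: 0, admin: true), # admin created at setup
  User.new(name: "spammer", trust_level: 0, admin: false),
  User.new(name: "regular", trust_level: 2, admin: false)
].freeze

if __FILE__ == $PROGRAM_NAME
  puts trust_below(USERS, 1, admin_aware: false).map(&:name).inspect
  puts trust_below(USERS, 1, admin_aware: true).map(&:name).inspect
end
```
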


(James Kiesel) #4

I’ve created a PR to at least change the initially created admin to be TL1, which mirrors the existing behavior of running rake admin:create from the console.