Description of various user states in Discourse (Admin / Moderator / Staff / Developer / Other )

Discourse has many built in user states, the following describes the meaning of each state and basic storage implementation:

Admin

Admin users are the superusers in the system, they can:

  • Impersonate non admins
  • Change site settings
  • Create groups
  • Amend site customizations
  • Perform all the actions moderators can perform
  • Read any personal message
  • Create, delete and modify categories
  • Ignore category permissions to view private categories

Storage: The boolean field admin in the users table flags any admin accounts.

Developer

Special account used to install Discourse

  • View rack-mini-profiler showing timings on the page
  • Impersonate any account including admins
  • Automatically becomes admin and has all admin rights

Storage: controlled via the developer_emails global setting or the developers table, in Docker install use the env var DISCOURSE_DEVELOPER_EMAILS to specify an email list of users who are developers.

Moderator

Power user capable of moderating the site:

  • Gets shield icon next to name on posts
  • Can perform all actions Staff can perform

Storage: the boolean field moderator in the users table

Staff

A user that is either an admin a moderator or both.

  • Immune to rate limits
  • Can process flags and posts held in the moderation queue
  • Can delete topics and posts, split topics, merge topics, hide topics and so on.
  • Can view user info including email address
  • Can suspend, silence, anonymize and delete users
  • Can adjust a user’s trust level

Storage: computed from the admin and moderator columns on the users table

Trust level 0 - 4

See: What do user trust levels do?

Storage: the numeric field trust_level in the users table

New user

Special restricted account for first day of usage or new accounts. new_users have special rate limits defined in site settings

  • Trust Level 1 account created in the last 24 hours, or Trust Level 0
  • Non staff account

Limits:

  • Can only create a topic once every 2 minutes (rate_limit_new_user_create_topic)
  • Can only create a post once every 30 seconds (rate_limit_new_user_create_post)

Storage: computed from created_at, moderator, admin, and trust_level columns on the users table

First day user

Special additional restrictions that apply to an account created in the last 24 hours

  • Account created in the last 24 hours
  • Non staff account
  • Not TL2 or above

Limits:

  • May only create 10 replies (max_replies_in_first_day)
  • May only create 3 topics (max_topics_in_first_day)

Storage: computed from created_at, moderator, admin, and trust_level columns on the users table

Silenced

Account flagged by spam system as a problem account, all posting is disabled.

  • Account may not reply to any topic
  • Account may not create any topics
  • Account may not create PMs, but can reply to PMs
  • Account may not create flags
  • Account still can like and bookmark
  • Account can still change user prefs and about me (TBD if this is a good idea)
  • Mailing list mode stops working

Storage: silenced boolean column in the users table

Active

Account is active in Discourse instance

  • Account may login to Discourse, inactive accounts may not login

Storage: active boolean column in the users table

Approved

If the site setting must_approve_users is enabled a user must be approved prior to being allowed to log in.

Storage: approved boolean column in the users table

Suspended

Account suspended from Discourse instance

  • A note is displayed on user page denoting suspension reason
  • Login is not allowed
  • Account can only be mentioned by staff
  • No emails are sent to user for any notifications (digest, message and so on)
  • As an exception any emails initiated by staff are still sent to user

Storage: suspended_till datetime column in users table

Staged

A special placeholder account which is created automatically by the system for email integration

  • No email digests are ever sent
  • Automatically watches all messages it participates in and receives notifications of replies
  • May reply via email to notifications
  • Username and Name are automatically picked
  • Account may still register with the same email and “take over” the staged account.
  • Forgot password will do nothing …when you attempt to send a password reset to a staged account

Storage: staged field in users table

57 Likes