Description of various user states in Discourse


(Sam Saffron) #1

Discourse has many built in user states, the following describes the meaning of each state and basic storage implementation:

Admin

Admin users are the superusers in the system, they can:

  • Impersonate non admins
  • Change site settings
  • Create groups
  • Amend site customizations
  • Perform all the actions moderators can perform
  • Read any personal message
  • Create, delete and modify categories
  • Ignore category permissions to view private categories

Storage: The boolean field admin in the users table flags any admin accounts.

Developer

Special account used to install Discourse

  • View rack-mini-profiler showing timings on the page
  • Impersonate any account including admins
  • Automatically becomes admin and has all admin rights

Storage: controlled via the developer_emails global setting or the developers table, in Docker install use the env var DISCOURSE_DEVELOPER_EMAILS to specify an email list of users who are developers.

Moderator

Power user capable of moderating the site:

  • Gets shield icon next to name on posts
  • Can perform all actions Staff can perform

Storage: the boolean field moderator in the users table

Staff

A user that is either an admin a moderator or both.

  • Immune to rate limits
  • Can process flags and posts held in the moderation queue
  • Can delete topics and posts, split topics, merge topics, hide topics and so on.
  • Can view user info including email address
  • Can suspend, silence, anonymize and delete users
  • Can adjust a user’s trust level

Storage: computed from the admin and moderator columns on the users table

Trust level 0 - 4

See: What do user trust levels do?

Storage: the numeric field trust_level in the users table

New user

Special restricted account for first day of usage or new accounts. new_users have special rate limits defined in site settings

  • Trust Level 1 account created in the last 24 hours, or Trust Level 0
  • Non staff account

Limits:

  • Can only create a topic once every 2 minutes (rate_limit_new_user_create_topic)
  • Can only create a post once every 30 seconds (rate_limit_new_user_create_post)

Storage: computed from created_at, moderator, admin, and trust_level columns on the users table

First day user

Special additional restrictions that apply to an account created in the last 24 hours

  • Account created in the last 24 hours
  • Non staff account
  • Not TL2 or above

Limits:

  • May only create 10 replies (max_replies_in_first_day)
  • May only create 3 topics (max_topics_in_first_day)

Storage: computed from created_at, moderator, admin, and trust_level columns on the users table

Silenced

Account flagged by spam system as a problem account, all posting is disabled.

  • Account may not reply to any topic
  • Account may not create any topics
  • Account still can like and flag (TBD if this is a good idea)
  • Account can still change user prefs and about me (TBD if this is a good idea)
  • Mailing list mode stops working

Storage: silenced boolean column in the users table

Active

Account is active in Discourse instance

  • Account may login to Discourse, inactive accounts may not login

Storage: active boolean column in the users table

Approved

If the site setting must_approve_users is enabled a user must be approved prior to being allowed to log in.

Storage: approved boolean column in the users table

Suspended

Account suspended from Discourse instance

  • A note is displayed on user page denoting suspension reason
  • Login is not allowed
  • Account can only be mentioned by staff
  • No emails are sent to user for any notifications (digest, message and so on)
  • As an exception any emails initiated by staff are still sent to user

Storage: suspended_till datetime column in users table

Staged

A special placeholder account which is created automatically by the system for email integration

  • No email digests are ever sent
  • Automatically watches all messages it participates in and receives notifications of replies
  • May reply via email to notifications
  • Username and Name are automatically picked
  • Account may still register with the same email and “take over” the staged account.
  • Forgot password will do nothing …when you attempt to send a password reset to a staged account

Storage: staged field in users table


Modifying Staff Roles to go beyond Administrator and Moderator?
List of full moderation tools?
Deactivating users permanently
Improving Blocked User State
How to get rid of the millisecond feature thing
Which setting(s) would prevent Discourse from emailing an old user?
Moderator Permission Set
Recreating deleted original setup account makes them an administrator
A new trust level: The Helpful member?
Allow moderators to create groups
View Forum as User X
Improving Blocked User State
What Silenced Users can/can't do
Is a blocked user able to flag posts?
Limit the daily number of posts from a user
How do I block a user?
Latest documentation
What Silenced Users can/can't do
How to get rid of the request times debug?
Improving Blocked User State
Unlisted option on creation of a new topic
#2

Sorry Team for dumping this topic now, but I’m testing the “new dashboard” and I see a lot of “inactive users” on my forums and I can not understand what is an inactive user.

Maybe you can edit this 1st message with a “Inactive Users” with the explanation about this type of users? :pray:


(Joshua Rosenfeld) #3

“Inactive” is not a user state, so no, it doesn’t really make sense for it to be added to this topic. User states have certain effects, like permissions, access to features, restrictions, etc. Being “inactive” does not affect permissions, access, restrictions, etc. As the tooltip on the new dashboard states: “Number of users that haven’t logged on for the last 3 months” - it’s purely a measurement.


#4

Ah, great… so if an inactive user log in to the forum, that “state” change to “active user” ? :blush:

Thanks for clarifying it :+1:


(Leo McArdle) #5

Can this be expressed more simply as:

  • Trust Level 0, or Trust Level 1 account created in the last 24 hours
  • Non staff account

or have I got the wrong end of the stick?


(Jeff Atwood) #6

We can edit this as @featheredtoast simplified the rule recently.


(Leo McArdle) #7

Cool, I’ll keep my hands off while @featheredtoast works some magic. Also, after re-reading what I wrote, this:

would be better phrased like this:

Trust Level 1 account created in the last 24 hours, or Trust Level 0

to remove all ambiguity.


(Jeff Wong) #8

You can go ahead and make the change - it used to be a fairly confusing rule where some trust level 0 accounts could break out of the “new users” box, if they were outside of the 24 hour posting period which didn’t make a lot of sense.

The changes are exactly as what you’ve described, where TL0 users are now unconditionally new users.