I have an admin person who only wants to see certain groups by default.
I’ve changed the categories so that each category only has the group permissions related to that category. All group and moderator permissions have been removed from most of the categories.
They can still see the categories they do not want to see.
How do you constrain an admin account to only see certain categories?
That’s really counterintuitive
Admins are the only users that have fully unrestricted access.
If they really want to only observe selective categories then ask them to create a separate non-staff account and use that. The admin account should have access to all the content by design.
I know.
Cool and thanks.
What I don’t understand is why there’s so much resistance to finding a solution to this…
There are a number of us that want this capability, even if it’s as low tech/insecure as hiding the content with CSS.
There are boards out there, primarily for teams/business use where the admin doesn’t run the business and also isn’t the IT guy who should literally see everything being discussed.
Sure it’s not a useful setting/feature for most boards, but there are some that having this concept applied would make the board radically more useful for the business/team. And it’s always met with the same responses. I don’t know my head from my butt when it comes to CSS/coding. And I’m having to stumble and delay implementing some capacity in our organization’s board so I can at least figure out a way to hide this stuff via CSS.
It’d be super nice if someone who was more capable would be able to lend some support rather than always say it’s not supposed to be that way, there’s no reason for that if you don’t trust your admin, etc.
There’s no “solution” because it’s not recognised as a problem.
Administrators administer the entire instance by design. If you don’t want to see the entire instance you don’t need to be administrator.
If you’ve dreamed up use cases which don’t exist, or worse sold discourse to your company/team/society as doing this then there is a problem, but it’s not software.
Even in Enterprise administrators are in a trusted position where they can technically see everything, but being trusted the assumption is that can and will are fundamentally different things.
Doesn’t the ability for admins to mute category topics contradict this sentiment? I understand the argument, but it seems to be applied inconsistently.
This request isn’t as counter-intuitive as is being suggested. A person who is an admin can simultaneously want to be able to access something but also not want to see it all the time.
The request is being misrepresented. OP is not saying he doesn’t want full access, he is saying he wants control over his default view:
No, and if that was the takeaway then you should re-read the post I responded to.
Saying that administrators shouldn’t be looking at certain business information is pointing out the obvious. Muting is a choice by the user to filter out certain categories, it doesn’t protect that information.
If there’s any worry that an administrator would look at something they shouldn’t then there’s a strong case that they shouldn’t be admin.
You are discussing @Cozdabuch’s example, I am discussing @csmu’s example. They are different. I never said that admins shouldn’t look at certain business information; perhaps you are the one who needs to read more carefully.
Unnecessary snark aside, I am discussing the situation where an admin can and should be able to see all information, but should also be able to hide it from view. That is what the OP is describing, and does not seem at all unreasonable.
This describes the request quite well. Why is it such a bad idea to allow an admin user the ability to “filter out” (but not protect the info) of certain groups, as OP describes? Is that not the same concept?
Have you ever tried muting a category as administrator? An administrator can mute a category and therefore change their defaults. Topics from that muted category disappear from /latest. The category doesn’t magically disappear from categories because a) they’re an administrator and b) that’s not what muting does.
I fail to see what’s difficult about that, it works right now. Muting is there to allow all users to tweak the sound-to-noise ratio of what they see.
Quoting me when I’m responding to a user who is failing to challenge the fundamentals of the administrator role, to only bring up muting is called a straw man argument. Nobody has said that administrators can’t mute, there’s nothing wrong with muting or the way the administrator role works on Discourse today.
If it were me, I think I’d do one or some combination of the following:
It’s one of those days where I wish Discourse had a super-like button.
@Stephen I’ve got no reason to bait you into a straw man argument. I think there is just some miscommunication. I’m aware of how muting works; that was my point.
I interpret the original question in this topic to be about an admin who wants to be selective over which categories they want in their default view, not an admin who should not have access to all categories. I believe this topic addressing both at the same time is muddling the answer.
This is what I was asking. To reduce what they see by default. I was unaware of the ability to mute categories.
Great, thanks for confirming. 
I hope your admin finds Discourse more useful as a result.
All this stuff about admin trust is valid too, but it is answering a different question than what you asked.
@Cozdabuch thank you for challenging the accepted answer here. Indeed, “it’s always met with the same responses” is worth questioning and honestly pretty frustrating. I’ve found that pushing a bit sometimes reveals a discrepancy between what the asker is saying and what #support is hearing, as has happened here.
Thanks for that. The thing that bugs me most isn’t that there’s no appetite to change how the system works. That’s fair if there’s no platform adoption of different access rules.
My issue comes with the community pushback to the rationale I and others have when it comes to concepts that challenge the accepted use cases for the platform.
Most specifically in this case, the consistent responses about if you can’t trust your admin, then you should have a different admin. Justaposed with the official line from a discourse founder that encrypted PMs are a way to to protect conversations between members even from malicious administrators.
The pontificating responses of “you should do it this way” or that’s “just security theatre” when I’ve explained ahead of time that I know exactly what the drawbacks are, and I’m just trying to address a shortcoming of discourse in my specific use case.
It’s cool if nobody wants to help with writing some css, or developing a plugin. Not what’s bothered me here at all.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.