Separate 'trusted users can edit others' setting for trust levels 3 & 4

Currently there is a single setting for both of these options:

• trust level 3 can edit others’ topic titles and tags
• trust level 4 can edit others’ posts

It would be handy if these were separated into different settings.

For our case:

We want to enable trust level 3 editing topic titles and tags, since the changes that can be made there are limited. But currently we want to disable editing others’ posts for trust level 4.

In the past we’ve disabled the setting altogether if we want to limit editing posts by tl4. But it’s been handy to have people add tags to topics, so it’s not ideal to have to disable that for tl3.

Mainly our audience is a bit younger and so leaders from the community are a bit younger, and though the vast majority have been very trustworthy, there was a historical case where some misused their privileges. So we usually have been a bit more conservative with some abilities – we only re-enabled editing for tl4 & tl3 after the present group of leaders had been serving for a while.

We are planning to disable the editing ability for trust level 4 again as we are onboarding a new group of leaders. But it would be nice to still have the ability for tl3 to add tags on others’ topics (Our community usually does not edit others’ titles)

I am generally warm to adding this fidelity though I would prefer to just “de-trust level” these settings if we do a split and change them so they are group based.

edit_all_topic_groups (default: trust_level_3)
edit_all_post_groups (default: trust_level_4)

This also automatically add a bunch of extra flexibility and I feel the name of the settings are fairly clear.

@mcwumbly thoughts.

Not sure when we can slot this, it may be a candidate for pr-welcome.

Default TL4 on that second one

I think splitting these up and making them group-based as you’ve described makes sense.

These sound good – actually I was also wondering if this might be a good candidate for pr-welcome

I’d be interested in giving it a go myself when I get the chance. (I’m mainly iOS developer but have also dabbled in Ruby/JS etc. at work)

Sure Tracey I am happy to put a pr-welcome on this, it should be a fairly straightforward change, that said, it does have security implications so it would need careful testing using unit tests and would go through a pretty rigorous review process.

Awesome, I will take this on. Duly noted, also happy to make changes based on feedback once the PR is up.

I did get this working locally – just wanted to take the time to be thorough with test cases before making the PR. I did have some questions I wanted to check on, so I might post in dev for those, or in comments under the PR

(Not sure if there’s an expected timeframe with PRs from community, but just wanted to post a heads-up in case it is taking a bit of a while – I mainly only have some spare time on weekends)

It is fine, no huge rush here, so happy to hear you are making good progress.

Hey everyone – just an update since I mentioned I’d take this on. Sorry I’ve got too much on my plate at the moment, in the past few weeks and upcoming – significant changes at work, medical, etc. For this task, I’d had some trouble with specs and I didn’t really get a chance to debug it – I’m just a bit too worn to dig into Ruby further right now.

If anyone else wants to take on this pr-welcome task, feel free to do so.

(On our forum, we decided to re-enable the trusted users can edit others setting anyway, so we are ok for now. In future when I’m free again, maybe I can take on another Discourse task)

I worked on the separating ‘trusted users can edit others’ setting into ‘edit all post groups’ and ‘edit all topic groups’. I de-trust level these settings so they are group based. Here is the link for the PR:

The PR above was merged, thanks @Nam! We now have

• edit all post groups defaulting to trust_level_4
• edit all topic groups defaulting to trust_level_3