User still have TL4 after revoke admin grants

(Ivan Rapekas) #1

I registered in forum using Google account with TL1. Then I grant admin rights using rake admin:invite[******]. The user gets Admin+TL4.
After that I revoke admin grants, but TL4 did not revert back to TL1.

Discourse 1.9.4

(cpradio) #2

Relevant file for admin:invite (for those wondering)

Which definitely applies TL4, I’m not convinced that revoke was programmed with the intent of resetting their TL though.

(Jay Pfaffman) #3

This is the first I’ve heard of this rake task. I dig see why it applies user level 4,but if you use it you’ll need to remove tl4 if you want the user not to be tl4.

(Diego Barreiro) #4

I don’t think this is a bug

Moderation ranks (moderator and admin) aren’t releated with Trust Level
A TL0 can be a moderator or admin, while a TL4 can just be a TL4. It doesn’t depend on it

(Stephen) #5

That’s inaccurate, the file @cpradio quoted makes the user TL4.

It’s not a question of whether a TL4 user “can just be TL4”, it’s about the expected behavior when admin is revoked and the implications of leaving the trust level in-place.

TL4 users are leaders, even without admin they can edit all posts, pin and unpin topics, close and archive topics. That’s still quite a lot of power for a user you may no longer want to have admin rights.

(cpradio) #6

No, he is correct. Moderator/Admin abilities have zero dependencies on TL4, what isn’t clear is why this rake tasks sets the invited admin to TL4. If you were to use the Admin > User UI, you would not get that same behavior by clicking “Grant Admin” on a user.

The rake task is doing it for some reason, but I didn’t do a blame to try and get some insight on the matter.

With all of that said, if there were a rake task that removed admin rights, I’d expect it to remove TL4 too, but if you revoke it via the UI, well… I can’t really blame the UI for not altering the Trust Level

(Joshua Rosenfeld) #7

Looking at git blame it appears that promotion to TL4 has been part of the rake task since @sam wrote it 4 years ago. He might have some insight.

(Stephen) #8

You probably misinterpreted my post, @barreeeiroo said that this isn’t a bug, and that ranks aren’t related to TL. The OP has flagged that unlike granting admin on the user, admin:invite does change both rank and trust level. There’s no need to do this, right? While admin:invite does both the two are linked, at least for now.

(cpradio) #9

You might want to read my full reply, but I acknowledge it does it and gave reasons why I still feel it is not a bug. :wink:

(Ivan Rapekas) #10

As mentioned above, granting the user by UI, TL is not changed. But using CLI (this is a way to make new user an admin silently from other admins, because they don’t get a confirmation email in this case), user gets TL4 with admins rights. Either UI should change TL to 4 or CLI method should keep TL.

Anyway, my topic is about the bug. I assume that revoking admin status must drop the user to the TL that they have before granting. I wrote, that user came to the forum with TL1. So, in case of revoking, they have to descend to regular.

The parallel: some person got a job in The United Nations, and they also got apartaments in NY and a car with a personal driver. After a week of working, the person has fired, they lost apartments, but having its TL4, they still use a car with a driver. As a gift :gift:.

(Jeff Atwood) #11

Do we need this @sam? It seems excessive to me.

(Sam Saffron) #12

There are actually two rake tasks that follow the same pattern of granting tl4 to admins it creates/invites.

rake admin:invite and rake admin:create both are useful tasks I would like to keep.

I think it is totally unfair to class this as a bug, maybe we should pop a window saying “user has tl4 you just revoked admin do you want to revoke tl4 as well?”

As to granting tl when inviting admin, I guess I am ok with just setting tl to 1 for these tasks, I will change this now.

(Jeff Atwood) #13

Yeah I just don’t see why TL needs to be changed when you make someone an admin…

(Sam Saffron) #14

I think there were some edges in the system some time in the past when you had an admin on tl0, seems pretty safe to bump them up to 1 though in these tasks.

(Michael Brown) #15

There is still some oddness present, for example admins don’t bypass checks such as “max images per post” that are bypassed by trust level.

I noticed the other week as some of our hosted customers have demoted the TL of discobot and it’s no longer able to work properly on those sites.

(Arpit Jalan) #19

Fixed in: