Skip to content

Allow access and show moderation options based on privileges

Corresponding BE issue: pleroma!3676 (closed)

Admin was a broad role. Now we allow for much more fine grained settings of what someone can do. This needs to be reflected in the admin FE.

Some endpoints are now protected based on whether someone is privileged to take certain actions, rather than on the role they have. Access to admin-fe should be based on whether someone can do things in admin-fe. More precisely, when they have the admin role or at least have one privilege that allows certain actions in admin-fe, they should be able to access it.

The privileges are part of the account object under the pleroma key:

{
  "account": {
    "pleroma": {
      "privileges": [
        "users_read",
        "users_manage_invites",
        "users_manage_activation_state",
        "users_manage_tags",
        "users_manage_credentials",
        "users_delete",
        "messages_read",
        "messages_delete",
        "instances_delete",
        "reports_manage_reports",
        "moderation_log_read",
        "announcements_manage_announcements",
        "emoji_manage_emoji",
        "statistics_read"
      ]
    }
}
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information