Open Ixrec opened 1 year ago
And it prevents DDoSing Izzy via bot raid:
Correction: This is me saying that the current method prevents DDoSing Izzy during a bot raid, as all she has to do is remember to not apply roles on join to funnel all the suspected raiders into #welcome.
The proposed behaviour would require Izzy to actively make sure users have a Silenced role if they join during a raid, which can cause Izzy to hit ratelimits while dealing with raids (which is actually nullified by autoraising verification level to Highest)
Oops. Deleted that part.
To be clear, the hypothetical proposal is to not have a Silenced role or any other bot-based mechanism of putting users in #welcome, because a Verification Level of Highest should be plenty. If we really did this, I'm not sure we'd even want a #welcome channel any more.
That'd mean Izzy would be incapable of punishing users who trip the filter or spam, unless you intend for Izzy to end up moving to Banished
Yes, those automated punishments would have to become adding a role rather than removing a role.
There is an alternative that is only noted when you read through the developer docs.
The pending
boolean field within the Guild Member Object, aka the Membership Screening Object.
Membership screening could be used with the current setup. However, Izzy would need to watch for a guild member update gateway event with pending: false
before assigning any roles.
Relevant documentation link: https://discord.com/developers/docs/resources/guild#membership-screening-object
This would negate the role auto-assign on join invalidating Membership Screening as well as guild verification level.
The new "Community Onboarding" feature appears to be yet another example of something we don't even have the option to try because of our join roles.
Lunar Aurora pointed out that multiple Discord features rely on the assumption that new users are not immediately assigned any roles, and the way we use Member Role and New Pony today breaks that.
We definitely won't be pushing for this anytime soon, and migrating to it without breaking Manechat would be complicated, but I wanted to write down why we were interested before I completely forgot we'd been thinking about this.
Benefits
Blocking DM Spam
Today, Manechat's "Verification Level" is set to High, which should prevent DMing Manechat members for 10 minutes, but it doesn't because we assign roles on join.
Note that this also blocks sending messages, so if we do this we're effectively mandating all new users lurk for 10 minutes. Personally I think that's a win too, but it definitely needs consensus.
Simplify Role-Specific Permissions, a.k.a. "the Art Challenge glitches"
A complete explanation is beyond me and likely not worth it, but what it boils down to is that when you give Discord some role permissions to allow seeing a channel, and other role permissions to deny seeing a channel, the allow rule wins. For example, a user with both the Banished role and the Art Challenge role can still see #art-challenge in addition to #the-moon.
Completely removing the "you need Member Role to see every public channel" layer would make this significantly easier to deal with.
Extra Raid Protections
We can make Izzy raise temporarily the Verification Level to Highest (must have a verified phone) during a suspected raid.
Rules Screening
Another Discord feature we'd like to at least have the option of trying out, but we don't because of join roles:
Server Preview
Discord lets you "preview" a server before you actually join it. But because most channels only become visible with Member Role, this preview only shows #welcome:
Concrete Proposal
Today's behavior:
*There are some exceptions to this which aren't relevant to this issue. For example, if you leave with the Banished role and then rejoin, Banished is automatically reassigned.
Proposed behavior: