Consider a "zero join roles" redesign of new user management

[Ixrec]

Lunar Aurora pointed out that multiple Discord features rely on the assumption that new users are not immediately assigned any roles, and the way we use Member Role and New Pony today breaks that.

We definitely won't be pushing for this anytime soon, and migrating to it without breaking Manechat would be complicated, but I wanted to write down why we were interested before I completely forgot we'd been thinking about this.

Benefits

Blocking DM Spam

Today, Manechat's "Verification Level" is set to High, which should prevent DMing Manechat members for 10 minutes, but it doesn't because we assign roles on join.

Note that this also blocks sending messages, so if we do this we're effectively mandating all new users lurk for 10 minutes. Personally I think that's a win too, but it definitely needs consensus.

Simplify Role-Specific Permissions, a.k.a. "the Art Challenge glitches"

A complete explanation is beyond me and likely not worth it, but what it boils down to is that when you give Discord some role permissions to allow seeing a channel, and other role permissions to deny seeing a channel, the allow rule wins. For example, a user with both the Banished role and the Art Challenge role can still see #art-challenge in addition to #the-moon.

Completely removing the "you need Member Role to see every public channel" layer would make this significantly easier to deal with.

Extra Raid Protections

We can make Izzy raise temporarily the Verification Level to Highest (must have a verified phone) during a suspected raid.

Rules Screening

Another Discord feature we'd like to at least have the option of trying out, but we don't because of join roles:

Server Preview

Discord lets you "preview" a server before you actually join it. But because most channels only become visible with Member Role, this preview only shows #welcome:

Concrete Proposal

Today's behavior:

• Every user that joins Manechat is immediately assigned Member Role and New Pony*
• After a few hours, New Pony is removed.
• The Member Role gives you permission to view every channel besides #welcome.
• The New Pony role has several permission restrictions, e.g. can't post images, can't use voice chat
• That way, a total bot outage effectively reverts the server to #welcome being a manual verification channel.

*There are some exceptions to this which aren't relevant to this issue. For example, if you leave with the Banished role and then rejoin, Banished is automatically reassigned.

Proposed behavior:

• No roles are assigned on join.
• After a few hours, Member Role is added.
• All public channels are viewable without a role.
• The "New Pony restrictions" are applied to "@everyone" instead, and the Member Role grants those permissions
• There is no longer a "manual verification channel" fallback. Its place is taken by "unbroken" Discord features such as the Verification Level take its place, and perhaps automatic invite disabling.

[CloudburstSys]

And it prevents DDoSing Izzy via bot raid:

Correction: This is me saying that the current method prevents DDoSing Izzy during a bot raid, as all she has to do is remember to not apply roles on join to funnel all the suspected raiders into #welcome.

The proposed behaviour would require Izzy to actively make sure users have a Silenced role if they join during a raid, which can cause Izzy to hit ratelimits while dealing with raids (which is actually nullified by autoraising verification level to Highest)

[Ixrec]

Oops. Deleted that part.

To be clear, the hypothetical proposal is to not have a Silenced role or any other bot-based mechanism of putting users in #welcome, because a Verification Level of Highest should be plenty. If we really did this, I'm not sure we'd even want a #welcome channel any more.

[CloudburstSys]

That'd mean Izzy would be incapable of punishing users who trip the filter or spam, unless you intend for Izzy to end up moving to Banished

[Ixrec]

Yes, those automated punishments would have to become adding a role rather than removing a role.

[LunarNightShade]

There is an alternative that is only noted when you read through the developer docs. The pending boolean field within the Guild Member Object, aka the Membership Screening Object. Membership screening could be used with the current setup. However, Izzy would need to watch for a guild member update gateway event with pending: false before assigning any roles. Relevant documentation link: https://discord.com/developers/docs/resources/guild#membership-screening-object This would negate the role auto-assign on join invalidating Membership Screening as well as guild verification level.

[Ixrec]

The new "Community Onboarding" feature appears to be yet another example of something we don't even have the option to try because of our join roles.