SamuelScheit
commented
3 years ago I think this is especially useful for schools and organizations/companies who want to provide an easy way to signup their employees/pupils/members.
I think can_edit_self should be controlled in a more general way, that instance owners can create certain types of users (flags/badges) that have instance-wide permissions.
Also I'm not sure if the accounts should be bound to a certain controller it rather should be the instance admin.
I think many ideas could be adapted in a more general way. (e.g. an admin should be able to block/delete any account)
erkinalp
DiegoMagdaleno
Is your feature request related to a problem? Please describe. Companies, schools and parents would like ability to white- and black- list certain users to certain guilds, channels and user groups. Bridge bots could also make use of this feature.
Describe the solution you'd like
Detailed description of the endpoints
Create controlled account: This endpoint shall create a controlled user account. Parameters:
username: Name of the controlled accounttag: Discriminator of the controlled accountscope: Array of group white/blacklists to apply (if both white- and blacklists are present, then blacklist is subtracted from the whitelist)controller: The user who controls the account (implicit in writes, returned in reads of the controlled user)rights: Initial rights of the user Returns: If unauthorised to create a controlled user or apply one or more of the control flags, return 403 Forbidden. On success, return 200 OK.Delete controlled account: This endpoint shall remove a controlled user account.
Parameters: same as /users/@me/delete, but controlled accounts cannot initiate account delete on their own. Returns: If unauthorised to delete the user or apply one or more of the control flags, return 403 Forbidden. On attempt to delete a non-existent user in a discriminator range controlled by said user, return 400 Bad Request. On success, return 200 OK.
Group white- and blacklist objects: Parameters:
whitelist: iftrue, a whitelist, else, a blacklistguilds: list of guildsusers: list of DM targetsroles: list of roles If unauthorised to create a controlled user or apply one or more of the control flags, return 403 Forbidden. On success, return 200 OK.Group whitelist/blacklist create:
users: Array of user IDs to be affected initiallyscopeGroup whitelist/blacklist objectIf unauthorised to create a controlled user or apply one or more of the control flags, return 403 Forbidden. On success, return 200 OK.
Discriminator range reserve: Reserve certain discriminators for a certain account controller. An account controller can only reserve discriminators for itself, not for other controllers. Parameters:
include: a pair of discriminators, which denote an inclusive rangeexclude: array of pairs of discriminators, which denote ranges to be excluded from aboveIf unauthorised to create a controlled user or apply one or more of the control flags, return 403 Forbidden. On success, return 200 OK.
Discriminator range fetch: Returns the reservation by reservation ID. Discriminator range reservations shall be returnable by any user.
If unauthorised to create the reservation or attempts to re-reserve an already reserved range, return 403 Forbidden. On success, return 200 OK.
Discriminator range delete: Deletes the reservation by reservation ID. Only the user that created the reservation can delete it.
If unauthorised to unreserve the range, return 403 Forbidden. On attempt to delete a non-existent reservation, return 400 Bad Request. On success, return 200 OK.
Apply group white/blacklist to controlled user: Applies group scope limits to a given user. Parameters:
user: User ID to apply the group white/blacklist.scopeArray of IDs of group white/blacklist to be applied. A user can have as many scopes applied as wanted.Sub-tasks