Versions Compared

Version Old Version 7 New Version 8
Changes made by

Martin Kraft (Deactivated)

Martin Kraft (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This specification outlines how to achieve the “channel moderation” feature in Mattermost. Channel moderation provides system admins—and in future channel admins—with toggles to enable and disable various channel-level features including:

  • Making a channel “read-only” (or the inverse, enabling posting) for members and guests

  • Allowing /or disallowing members and guest from adding and removing other members

  • Allowing /or disallowing members and guests from using channel-mentions (@all, @channel, @here)

...

manage_public_channel_properties
manage_private_channel_properties
delete_public_channel
delete_private_channel
remove_others_reactions
upload_file
create_post_public
create_post_ephemeral
manage_channel_roles
read_channel

Question: Do we need to expose create_post and use_channel_mentions in the system and team schemes UI?

Schema

There are no schema changes.

...

The new Roles records that are created will be updated to match the Permissions value from the higher-scoped scheme. Question: does it already copy the permissions from the previous scheme? If so then no update is required. If not can we consider making that a permanent part of the create team and channel scheme API behaviour, avoiding a separate update?

When “enable channel moderation” toggled off, a DELETE request is made to /api/v4/schemes/:scheme_id

Question: Does the delete scheme API endpoint cleanup orphaned Roles records? If not does it make sense to make that a permanent part of the API behaviour?

The ability to send @here, @all, and @channel must have access controlled by the new use_channel_mentions permission.

CLI

Out of scope.

Configuration

None needed. Question: will channel moderation be experimental?

Frontend

  • Design of channel moderation UI in the system console TBD.

  • Preventing posting based on permissions (rather than it currently being prevented based on the experimental read-only town square feature) must be implemented throughout the UI.

  • Preventing access to @here, @all, @channel must be controlled by the new use_channel_mentions permission.

Mobile

  • Preventing posting based on permissions (rather than it currently being prevented based on the experimental read-only town square feature) must be implemented throughout the UI.

  • Preventing access to @here, @all, @channel must be controlled by the new use_channel_mentions permission.

Performance

If the synchronization of permissions (triggered by the events listed above in “Actions that trigger synchronization of permissions from high-scoped schemes to channel schemes”) occur synchronously then those actions will incur a performance degradation.

...