Permissions

We have implemented a custom permissions system that allows users to give others access to individual commands.

Info: 

Users with Discord administrator permissions and Discord server owners are ignored by the permissions system. They have to execute any command.

How does it work?

The bot first checks if the user is the workspace owner or has Discord Administrator permission. If this isn't the case, it checks what permissions have been granted to the user directly and to their Bnder teams. If any of their teams have the permission, they will be able to execute the command that requires that permission. Membership inherited from child teams also counts, so a permission granted to a parent team applies to members, leads, and managers of the child teams underneath it.

Example

The user is in Team A and Team B. Team A has been granted the MANAGE_TASKS and MANAGE_PROJECTS permissions. Team B has only been granted the SET_STATE permission and no others. Because the user is in both teams, they can create tasks, set tasks state and create projects.

Grant permissions

Permissions can be granted by running the permission grant command. After a permission was added, the bot will apply the changes immediately and the user can run the command that requires the permission.

Grant a permission to either one user or one team in each request. In Discord, select the user option for a member or the team autocomplete option for a Bnder People team.

Revoke permissions

Permissions can be revoked by executing the permission revoke command.

Warning: 

Even after revoking a user's direct permissions, they may still have access to certain commands through teams that provide the same permissions.

Project based permissions

All permissions can be granted to a user or team for a specific project. This means that the user or team will only have access to the command if they specify the project in the command or have the project selected. This will work only on commands that have a project option. Use it with caution.

The project will be determined by the following order:

  1. The project specified in the command
  2. The project of a task that is specified in the command
  3. When a project could be specified in the command, but isn't, the user's selected project will be used

Whichever condition is met first will be used to determine the project.

Permission presets

Permission presets are an easy way to grant a user or team multiple permissions at once. They can be used to grant a basic set of permissions to a user or team for a common responsibility in the workspace.

When a preset is applied, all permissions that are already granted to the user or team will be removed and replaced with the permissions of the preset. After applying a preset, more permissions can be granted to the user or team. The permissions granted by the preset can be revoked too.

Apply each preset to either one user or one team at a time. The list command works the same way: list a user to see their effective permissions, including team inheritance, or list a team to see the permissions granted directly to that team.

For large Discord workspaces, Member Approval can keep internal assignment pickers focused on approved staff while permissions continue to control what each member can actually view or change.

Available presets

Preset namePermissions granted
adminIncludes every permission available
contributor- MANAGE_TOPICS
- MANAGE_DOCUMENTS
- READ_DOCUMENTS
- MANAGE_TASKS
- VIEW_TASKS
- SET_STATE
- MANAGE_MILESTONES
guest- VIEW_TASKS
- READ_DOCUMENTS

All permissions

BotPermissionUse case
Task ManagerVIEW_TASKSIs required to view tasks (for example via "/task list" and for viewing projects)
Task ManagerSET_STATEIs required to update the state (todo, in progress, done) of a task.
Task ManagerMANAGE_TASKSIs required to create, delete, edit, assign, unassign and restore a task.
Task ManagerMANAGE_TICKETSIs required to open ticket areas and manage ticket list, details, settings, templates and related public ticket setup.
Task ManagerMANAGE_MILESTONESRequired to create, edit or delete milestones
Knowledge ManagerREAD_DOCUMENTSIs required to read a document and list all documents and viewing projects
Knowledge ManagerMANAGE_DOCUMENTSIs required if a user needs to create, edit, change the topic, delete and restore a document.
Knowledge ManagerMANAGE_TOPICSIs required to create, rename, delete and restore a topic and all of its documents.
Task Manager, Knowledge ManagerMANAGE_PROJECTSIs required to create, rename, delete and restore projects.
Calendar ManagerCREATE_EVENTSIs required to create a new event.
Task Manager, Calendar Manager, Knowledge ManagerMANAGE_PERMISSIONSIs required to show all permissions, grant or revoke permissions
Task Manager, Calendar Manager, Knowledge ManagerMANAGE_SETTINGSRequired to change settings by the /settings command

Permission commands

Grant a permission

This will grant the mentioned user or role the specified permission.
/permission grant
mentionable
@User
permission
MANAGE_TASKS
project
My Project
Task ManagerCalendar ManagerKnowledge Manager
Requires MANAGE_PERMISSIONS permissions

Revoke a permission

Removes specified permission from mentioned user. Users or roles with administrator permissions & server owners won't be affected by this. If the user has a role with the permission granted, he can still execute commands requiring that permission.
/permission revoke
mentionable
@User
permission
MANAGE_TASKS
project
My Project
Task ManagerCalendar ManagerKnowledge Manager
Requires MANAGE_PERMISSIONS permissions

List all permissions

This will display all permissions and show if the user has the permission.
/permission list
mentionable
@User
project
My Project
Task ManagerCalendar ManagerKnowledge Manager
Requires MANAGE_PERMISSIONS permissions

Apply a preset

Apply a preset to a user or role. Presets are a collection of permissions.
/permission preset
preset
contributor
mentionable
@User
project
My Project
Task ManagerCalendar ManagerKnowledge Manager
Requires MANAGE_PERMISSIONS permissions