Role-Based Access Control (RBAC) is the process of allowing / denying someone the ability to read or modify settings based on a role they are given. You are likely already familiar with the concept as Discord has its own RBAC system that you use to restrict members' access to certain channels, settings, etc.
Statbot's RBAC works using the roles you give members in Discord, all you need to do is add a role to a setting's Manager Roles and members with that role will be able to change the setting.
Before starting, we must understand what a Privileged User is. This is a user that has permissions to all of a
server's stats and to modify any Statbot setting. Users with the
Administrator Discord permission are inherently
Privileged Users. The only other members that might be Privileged Users are members with the
Discord permission when the Statbot setting Elevate Manage Server is ON.
Just like Discord, users with the
Administrator permission bypass all permissions checks. If you would like to
restrict someone's access, do not give them the
Manager Roles control what non-Privileged Users are allowed access to settings. By adding a role to a given setting's Manager Roles, users with that role will be able to modify that setting. This makes it very easy to allow certain groups of members the ability to manage certain functionality in the bot as needed.
You can configure Manager Roles on the dashboard on your server's Settings page. Once there, you'll see the following icons at the top of each setting:
- - No **Manager Roles** are configured to for this setting.
- - **Manager Roles** are configured to for this setting.
Click on the icon to open up the Modify Manager Roles menu where you can add or remove roles. You can also access all of the settings' Manager Roles on the Settings > Permissions page.
Beyond access to settings, RBAC is also used to allow access to certain sensitive information. One such place this is used is the Drilldowns. Through the Channel Drilldown Roles and Member Drilldown Roles settings, you can grant access to certain groups to view the specific Drilldowns.
When not open to everyone, Dashboard Access Level and Command Access Level allow you to add roles to their Override Roles. Members with these roles will ignore the setting's restrictions. For example, if the Dashboard Access Level is set to Admin Only, members with an Override Role will still be able to access the dashboard regardless of being a Privileged User or not.