-
Deimos authored
This is a major rework of the permissions system to enable various new capabilities and clean up some of the oddities that were there. Highlights: - The concept of "admin" permission is removed. All permissions must be granted individually. - Permissions can now be granted on a group-specific level, such as giving a user the ability to tag topics only in a specific group. - Permissions can also be denied for a specific group (or all groups), enabling uses like "tag topics in all groups except ~music". - Removed the two cases where "all permissions" were granted: users on themselves and the sender and recipient on messages. This was dangerous, we should always grant permissions explicitly. - Eliminated all the granular permissions for changing a user's settings (which were all granted implicitly), and replaced with an overall "change_settings" permission.
94b9e1bf