Permissions & Scopes
Three layers control who can do what: Discord permissions, bot roles, and dashboard scopes.
The hierarchy
| Layer | Who | Can do |
|---|---|---|
| Guild owner | Discord owner | Everything, always. |
| Bot admin | Members of any role added via /setup admin-role add | All dashboard surfaces, every /config command. |
| Bot staff | Members of any role added via /setup staff-role add | Tickets, verification approvals, reports. |
| Scoped role | Roles granted dashboard scopes on the Scopes page | Only the surfaces granted. |
| Member | Everyone else | Public commands (/balance, /verify, …). |
Bootstrap mode
Before any admin role is configured, anyone with Discord
Manage Server or Administrator can act as a bot
admin. This stops you locking yourself out before /setup
complete.
Dashboard scopes
Bot admins always have every scope. The Scopes page
lets you pin individual dashboard.* scopes to specific
Discord roles. Useful when you want a "Mod" role to manage tickets
but not touch the economy.
Scopes are intersection-checked: holding dashboard.manage_economy
on any of your roles is enough to write economy config, even if you're
not a bot admin.
Where to set things
- Discord:
/setup admin-role add,/setup staff-role add,/setup complete - Dashboard: the Scopes page on every server overview
- Audit: every change is logged. See Audit Log.