Each user has an admin property which when set to true allows the user to basically view and change anything for themselves and other users. E.g. admins can see private data of any user such as emails, or modify users usernames.
Some actions are not possible currently because they were originally hardcoded for "do action for the current user" rather than "do action for target user", but all of those are intended to be converted. E.g. that is currently the case for like/unlike, follow/unfollow from the API.
In order to mark a user as admin, direct DB acceess is required.
For example, to make user barack-obama admin on a development run:
sqlite3 web/db.sqlite3 "UPDATE \"User\" SET admin = true WHERE username='barack-obama'"
We have a helper for that at:
./web/bin/make-admin barack-obama
It can be called from any directory, e.g.:
cd web
./bin/make-admin barack-obama
It currently only works on SQLite.
Or e.g. to make cirosantilli admin in a Heroku deployment you can run:
heroku maintenance:on -a ourbigbook
heroku psql -a ourbigbook -c "UPDATE \"User\" SET admin = true WHERE username='cirosantilli'"
heroku maintenance:off -a ourbigbook