Each user has an
admin
property which when set to true
allows the user to basically view and change anything for themselves and other users. E.g. admins can see private data of any user such as emails, or modify users usernames.Some actions are not possible currently because they were originally hardcoded for "do action for the current user" rather than "do action for target user", but all of those are intended to be converted. E.g. that is currently the case for like/unlike, follow/unfollow from the API.
In order to mark a user as admin, direct DB acceess is required.
For example, to make user
Admin priviledges can be revoked with the
barack-obama
admin on a development run the web/bin/make-admin script:
web/bin/make-admin barack-obama
-f
(--false
) flag:
web/bin/make-admin -f barack-obama
The same command works in a Heroku deployment where you can run:
heroku run -a ourbigbook web/bin/make-admin -f barack-obama