Group Roles and Permissions
A user's group role is assigned per-group and governs what they can do inside that specific group. A user has a separate group role for every group they're a member of. The default role depends on the group's posting behavior, and Owners and Managers can promote or demote members at any time.
GLYPH has four group roles:
| Role | Add/remove members & devices | Promote/demote | Change crypto scheme | Edit name/description/visibility | Default in… |
|---|---|---|---|---|---|
| Owner | Yes | Yes | Yes | Yes | The user who created the group. |
| Manager | Yes | Yes | Yes | No | Promoted by an owner. |
| User | Only their own devices | No | No | No | Normal groups. |
| Observer | Only their own devices | No | No | No | Broadcast groups. Read-only — sees messages, cannot post. |
A few notes
- Group creation makes you the Owner. When you create a group, GLYPH automatically adds your current device and assigns you the Owner role. From there you can add other members and promote Managers as needed.
- Owners can do everything Managers can, plus rename and re-set visibility. The only thing Managers can't do is change the group's name, description, or visibility setting.
- Users and Observers are nearly identical permission-wise — both can only manage their own devices. The key difference is posting: Users can post in Normal groups; Observers in Broadcast groups cannot post at all (read-only).
- Changing the crypto scheme requires all devices to be up to date. Verify with the "Check" action in the group's settings before migrating; remove out-of-date devices and try again if the check fails.
Group roles vs. account roles
Account roles govern whether you can touch a group at all; group roles govern what you can do once you're inside it. See How the Two Role Systems Interact for worked examples.