Overview
OverviewPolicy SetupRoles & GrantsOverridesCapability CatalogAudit LogPermission SimulatorDashboard UI Guide
DASHBOARD GUIDE

RBAC

The RBAC dashboard is where you decide which Discord roles can do what inside SYNTHET. Apply a starter template, tweak the matrix, then drop into the advanced views when you need fine-grained control.

Path
DashboardRBAC
Module
rbac
Required permission
rbac.view_policy

Before you start

RBAC is the gatekeeper for every other module's dashboard. A few things up front:

  • You have the rbac.view_policy capability (the page returns 403 otherwise).
  • The Discord roles you want to manage already exist in the server.
  • A first-time setup picks a starter template — STARTER, STRICT, or ENTERPRISE — so you have something to edit instead of an empty matrix.
  • For destructive operations (resetting policy, importing snapshots) you want a current backup of the server.

What you'll see

The page header shows your current policy version and a refresh button. Below that sits a five-card stats strip; below that, the active surface.

Stats strip

Five small cards: Roles (managed roles configured), Grants (capability rows attached to those roles), Overrides (per-user bypasses or denies), Audit (24h) (rows in the audit log over the last day), and Capabilities (total capability ID count known to the registry).
Setup
Matrix
Advanced
Audit
Setup
Starter template picker. Shown until RBAC is configured for this server.
Matrix
Role-by-capability grid for the most common module-level grants. Click cells to allow / deny.
Advanced
Five sub-tabs: Settings, Permissions, Overrides, Modules, Snapshot.
Audit
Decision log: every capability check with its outcome and reason code.
Setup vs. Configured
Until you apply a template the page renders the Setup view alone. Once a template is active, the three buttons (Matrix, Advanced, Audit) show up in a strip near the top.

Setup view

A single card with three template tiles. Pick one to seed your policy.

Starter
Reasonable defaults for a small server: owner gets everything, mods get moderation, members get nothing.
Strict
Locks every module by default; staff roles must be explicitly granted each capability they need. Use for security-conscious servers.
Enterprise
Splits responsibilities across multiple staff tiers — moderators, admins, billing operators, content managers. Use when you have ten or more staff with distinct jobs.
Auto-sync after applying a template
When you click Apply, SYNTHET fetches the server's Discord roles and runs a sync so the new policy roles get linked to the existing Discord roles automatically. You can re-run the sync from the Matrix tab any time.

Matrix view

The simplest editing surface. Rows are roles, columns are capabilities, cells are grants.

Layout

The leftmost column is the role name with a coloured dot for the Discord role colour. Across the top, capability columns are grouped into clusters: access, core, moderation, members, engagement, economy, voice, observability, data, messaging & automation, and tools. Each column header has a small info icon — click it to see what that capability actually controls.

Click behaviour

Click an empty cell to add an ALLOW grant for that role + capability. Click a green cell to remove it. Conflicts (two roles overlapping with different effects) are resolved highest-priority-wins; the priority is editable per role from the Advanced > Settings sub-tab.
Dashboard access is the first column on purpose
dashboard.guild.view is the gate that decides whether a role can even open SYNTHET's dashboard. Don't accidentally remove it from your moderator and admin roles unless you want to lock yourself out.

Advanced view

Five sub-tabs that mirror the API's full surface area.

Settings

Server-wide policy toggles. Break glass (server owner can bypass any check on emergency), Admin bypass (Discord administrators auto-pass every capability), Require Discord gate (member must have at least one managed role to use SYNTHET), Audit retention days (how long the audit log keeps decisions before pruning).

Permissions

The full per-capability registry, not just the matrix's curated columns. Filter by group (moderation, monetization, rbac, etc.) and toggle every capability for every role. Each row carries a risk tier chip (low / medium / high) and a description so you understand the blast radius.

Overrides

Per-user bypasses and denies. Use for one-off cases: granting a specific user a single capability without touching their role, or denying a single capability for someone who would otherwise have it via their role.

Module access

A simpler view of which roles can see which dashboard modules at all. Toggling a row off here strips both the dashboard tab and the matching slash commands.

Snapshot

Export the entire policy as JSON or import a saved one. Use this to copy a policy between servers, to back up before a risky change, or to ship a hand-tuned policy as part of your community template.
  • Export downloads a .json file containing every role, every grant, every override, and the policy settings.
  • Import uploads a snapshot and replaces the current policy. There's a confirmation dialog because this is destructive.

Audit view

A decision log of every capability check SYNTHET has performed.

What's in each row

The user who triggered the check (or system for automated events), the capability ID, the decision (ALLOW / DENY), the reason code (which role granted, which override fired, whether break-glass was used), the source (dashboard, slash command, automation), and the timestamp.
Retention
Audit retention defaults to 90 days but is configurable from the Advanced > Settings sub-tab. Older rows are pruned in the background.

Per-role fields

When you click a role name in the matrix or open Advanced > Permissions, you get this set of editable fields.

Role nameText input

Display name for this policy role. Doesn't have to match the Discord role name, but it usually should.

Example: Moderators

DescriptionText input

Free-form note. Shown to other staff in the matrix.

PriorityNumber

Higher priority wins when two roles grant conflicting effects on the same capability.

Example: 100

Discord rolesMulti-select

The Discord roles this policy role applies to. Members holding any of them inherit the grants.

Is systemToggle

System roles are seeded by templates and can't be deleted. The toggle is read-only when on.

SettingTypeDefaultDescription
Break glassToggleonServer owner bypasses every capability check.
Admin bypassToggleonDiscord administrators auto-pass every capability check.
Require Discord gateToggleoffMembers must hold at least one managed role to use SYNTHET.
Audit retention daysNumber90How long decision rows are kept before pruning.

Common tasks

1

First-time setup with a template

Don't try to build RBAC from scratch — pick a template.

  • Open RBAC. The Setup view is the only thing visible until you apply a template.
  • Pick the template that matches your server. Starter for most communities, Strict for security- conscious ones, Enterprise when you have a large staff team with split responsibilities.
  • Click Apply. SYNTHET seeds the policy and runs a Discord-role sync.
  • Switch to the Matrix view. Verify each Discord role is linked correctly.
2

Grant a role permission to manage tickets

The matrix is the fastest path for a one-off grant.

  • Open the Matrix view.
  • Find the row for @Support (or whatever your role is called).
  • Find the Tickets column. Click the empty cell — it turns green.
  • Save is automatic. Confirm by switching to the Audit view — you should see a grant.add row at the top.
3

Snapshot before a risky change

A 30-second precaution that has saved many staff teams.

  • Open Advanced > Snapshot.
  • Click Export. Save the JSON file somewhere you'll find it later (a pinned message in a staff channel works well).
  • Make your change.
  • If something breaks, come back here and click Import on the saved snapshot to roll back.

Troubleshooting

403 'rbac.view_policy' on the page
Your dashboard role doesn't have rbac.view_policy. Ask a server admin to grant the RBAC capability to your role, or (if you're the admin) reset the policy template from a console where you still have access via Discord administrator bypass.
Matrix shows roles but no checkboxes work
A capability you tried to toggle doesn't exist in the registry. The matrix is curated; not every capability is exposed there. Switch to Advanced > Permissions for the full registry.
A user's role isn't being honoured
Check three things. First, the Discord role is linked under Advanced > Permissions (the role page shows linked Discord role IDs). Second, the role priority — a higher-priority role may be denying the capability. Third, the user's overrides under Advanced > Overrides — a personal deny beats every role.
Importing a snapshot wiped overrides
Snapshot imports are atomic — they replace the entire policy, including overrides. If you only meant to restore the matrix, export the current policy first, hand-edit the JSON to remove the overrides section, then import.
Music
Reputation