Users & roles

Users + roles management is the admin surface for the platform’s identity layer. Three role tiers (anonymous, founder, admin) per §11.11, plus optional sub-roles within admin (editor, fact-checker, super-admin). The surface controls account creation, role grants, role revocations, and session management.

Admin surfaces

• /founder-account/admin/users — list. Filters: role, isActive, country, signupDate range. Search by name + email.
• /founder-account/admin/users/:id — user detail. Profile data, role assignments, active sessions, audit-log slice (every admin action affecting this user).
• /founder-account/admin/users/:id/roles — grant or revoke roles. Granting admin requires super-admin role; granting founder is open to any admin.
• /founder-account/admin/users/:id/sessions — view + force-end active sessions. Used for compromised accounts.
• /founder-account/admin/users/:id/deactivate — soft-deactivate. Account becomes anonymous-equivalent (cannot sign in) but data is preserved. Reversible.

Role inheritance + scope

• admin role inherits all founder capabilities for the admin’s own account.
• super-admin sub-role within admin: required for granting admin role, modifying audit-log retention, configuring SEO global settings.
• editor sub-role within admin: can draft + edit + publish own articles; cannot fact-check own work (two-editor rule, §10.7).
• fact-checker sub-role within admin: can fact-check + approve published articles; can draft but typically focuses on review.