Separate permission to "Manage AutoMod"

[SuperSajuuk]

Presently, if someone wants to manage the AutoMod, they either need Manage Server or Administrator permissions [excluding being owner, as permissions have no impact on the owner].

The Manage Server permission however, includes many other permissions which are not very suitable to be giving to a moderator if you just want them to manage the AutoMod. The situation with Manage Server is becoming equivalent to the dangers posed to granting someone access to Manage Roles: in that case, Manage Roles allows the user to create, update and delete roles below their highest role, as well as changing permissions of channels and categories, which can be very easily abused by a rogue moderator and is one of the reasons why moderators in established communities never get the ability to manage roles through the UI and have to use a bot, so that they can give / take roles from users without touching perms or the roles themselves.

Right now, if I want someone to manage the AutoMod, I'm also having to give them a whole host of other unwanted accesses, such as:

• Changing the server name
• Changing the server icon
• Setting a voice channel for inactive voice users
• Changing the channel used for system messages, as well as toggling which ones can be used.
• Altering the default notification settings for members who don't change them
• Toggling the visibility of the boost progress bar
• Altering the invite splash and server banner images.
• Adding, updating or removing any bots from the server.
• Managing server invites [if the server has a vanity url, changing that too]

Some of these permissions don't seem very abusable, but others are far too dangerous to give to moderators: for example, managing bots, the server name/icon and the server invites are all things that can be misused by rogue moderators. The former permission, adding bots, could very easily be used by a moderator to bring in rogue bots (although thats limited to what permissions the mod has, adding a rogue bot can be used to spam advertisements everywhere and in people's DM's).

Therefore, in the interest of safety and providing more granularity in permissions, I'm suggesting the API has a "MANAGE_AUTOMOD" permission, which would allow moderators the right to manage just the AutoMod annd nothing else. That way, if a bad automod configuration occurs, a moderator can edit it without relying upon an admin to do so.

[rickstaa]

@SuperSajuuk, thanks for creating this feature request 🚀. I also posted this on Discord's feedback forum to increase visibility (see https://support.discord.com/hc/en-us/community/posts/21064424959639-Dedicated-MANAGE-AUTOMOD-Permission).