
Your user profile

Each admin / editor has a profile in the Users section (admins see all users, editors see only themselves). Clicking your email in the top-right opens a dropdown with Profile and Sign out entries.

What's in the profile

A standard form with fields:

  • First name — used by the public site (AuthorView.displayName = "First Last") and in the admin's "Author" sidebars
  • Last name
  • Avatar — pick from the media library. Used by themes that surface author avatars on posts.
  • Bio — longer text shown on author archive pages (themes that surface them)
  • Email — read-only here. To change, log into Firebase Console → Authentication → Users.
  • Role — admin or editor. Read-only for self-edit; admins change other users' roles via the Users page.

Plus preferences:

  • Admin language — same as the topbar locale switcher, just exposed in the profile too

What's NOT here

The profile form doesn't let you:

  • Change your password — that's a Firebase Auth concern. Use the Firebase Console or the "Forgot password" link on the login screen (sends a reset email).
  • Change your email — same: Firebase Auth, via Console.
  • Delete your account — admins delete editor accounts via the Users page.

Everything in the profile maps to Firestore fields editable by the user themselves (per the Firestore security rules). Auth-side fields (email, password) require the Firebase Console.

Avatar upload flow

The avatar field is a media picker, not an inline upload. Click the picker → either:

  1. Pick an existing image from your media library (categorized as Avatar in the picker)
  2. Or upload a new one through the picker's upload tab — same flow as the Media library, with an automatic resize into the admin-thumb (72×72) variant the admin needs

The media library item is then linked to your user via users/{uid}.avatarMediaId. Themes that show avatars resolve this id and call pickFormat(view, "small") to get the right-sized URL.

Read-only for editors, full edit for admins

The Firestore rules enforce a strict allowlist of fields editors can self-update:

    allow update: if isAdmin() || (
      request.auth.uid == uid
      && request.resource.data.diff(resource.data).affectedKeys()
           .hasOnly(["preferences", "firstName", "lastName", "bio", "avatarMediaId"])
    );

So an editor can change their first/last name, bio, avatar, language preference, but NOT their role or the disabled flag. Only admins (or the bootstrap admin) can promote / demote / disable accounts via the Users page.
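How the allowlist above evaluates, as an added example (a plain-JavaScript model of the rule's semantics, not the project's code and not the Firestore engine). The `isAdmin` parameter stands in for the rules' isAdmin() helper, the `disabled` and `preferences.locale` field names are assumptions, and the sample documents are constructed.

```javascript
// Fields an editor may change on their own users/{uid} document (from the rule).
const SELF_EDITABLE = ["preferences", "firstName", "lastName", "bio", "avatarMediaId"];

// Deep equality for JSON-like values; nested maps are compared by value.
function deepEqual(a, b) {
  if (a === b) return true;
  if (typeof a !== "object" || typeof b !== "object" || a === null || b === null) return false;
  if (Array.isArray(a) !== Array.isArray(b)) return false;
  const ka = Object.keys(a), kb = Object.keys(b);
  return ka.length === kb.length && ka.every((k) => k in b && deepEqual(a[k], b[k]));
}

// Models request.resource.data.diff(resource.data).affectedKeys():
// the top-level keys that were added, removed or changed.
function affectedKeys(after, before) {
  const keys = new Set([...Object.keys(after), ...Object.keys(before)]);
  return [...keys].filter((k) => !(k in after) || !(k in before) || !deepEqual(after[k], before[k]));
}

// Models the whole `allow update` expression.
function allowUpdate({ authUid, docUid, isAdmin, before, after }) {
  if (isAdmin) return true;
  return authUid === docUid && affectedKeys(after, before).every((k) => SELF_EDITABLE.includes(k));
}

// Constructed stored document and update attempts (the full document after the write).
const stored = { firstName: "Ada", lastName: "Doe", role: "editor", disabled: false,
                 preferences: { locale: "en" } };
const attempts = {
  editBio:      { ...stored, bio: "Writes about gardens" },
  nestedPref:   { ...stored, preferences: { locale: "fr" } },
  promoteSelf:  { ...stored, role: "admin" },
  bioPlusRole:  { ...stored, bio: "x", role: "admin" },
  dropDisabled: (({ disabled, ...rest }) => rest)(stored),
  rewriteSame:  { ...stored, role: "editor" },
};

// Evaluate one attempt as a non-admin caller against document u1.
function evaluate(name, authUid = "u1") {
  return allowUpdate({ authUid, docUid: "u1", isAdmin: false, before: stored, after: attempts[name] });
}

for (const name of Object.keys(attempts)) console.log(name, evaluate(name) ? "allow" : "deny");
```

Because the diff is taken over top-level keys, an editor can write anything under `preferences`, so nothing privilege-bearing should be stored there. Removing a protected key counts as an affected key and is denied, while resending an unchanged `role` is not.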

Bootstrap admin specifics

The user with the email pinned in your Firestore rules (your bootstrap admin) is treated as admin even without a users/{uid} Firestore record. On first login, the admin auto-creates a record with role: "editor" (because the rules require that on self-create), but the runtime ignores that role for the bootstrap admin and treats them as admin regardless.

You can edit your profile fields normally — the bootstrap admin email is purely a privilege escalation rule, not a separate user shape.
