I think "all team members are admins" is more usable than you think it is; I generally do this for many cloud services on most of my teams even at my day job; it's just not worth spending time dealing with access control, setting it up, and then someone who can't do what they need to do for their job cause you didn't give them enough access, or the only person who can do what needs done is on vacation, etc.
I often say "We don't have (or use the) locks on our doors at our physical individual offices, but that doesn't mean any of us would go into someone elses office when they aren't there and trash everything on their desk. And it's not a problem. What makes electronic resources different?" [I know HN audience will now give me an exhaustive list of what makes electronic resources different; please don't bother; I know this approach doesn't always work. With physical offices either].
But I agree with you that that level of feature-crippling makes me want to all it more like demoware than open source.
"Everyone is an admin" might be usable for some small teams, but it makes the software absolutely unusable for any sort of public project -- like open-source developers, or public communities. It really makes it clear that the primary purpose of the "team edition" is to drive sales of the commercial product, not to be usable in its own right.
It works well for companies where there’s typically recourse in company policy to deal politics and bullying.
For communities, especially those that are open, this model often fails as soon as one bad actor comes along because there’s often no recourse against bad behaviour.
Unfortunately for Mattermost, it’s communities that are less likely to be able to pay, and more likely to be affected by this policy. That just feels like poor policy making.
So, at your workplace, do you put unpickable locks on everyone's individual office door and enforce a policy that all doors are locked when not occupied (or heck even when occupied), so you won't have to "deal with" some insane coworker trashing someone elses office? How about tracking of who is in the bathroom when, with camera monitoring, so you can deal with it in case someone smears their poop on the walls?
Laptops and physical property are one thing. But your digital empire of customer data is another. Encryption, MFA, inactivity based locking, access controls, and the principle of least privilege helps ensure that when something inevitably does happen, the blast radius is contained.
I don't really care if someone were to smash the hell out of the office. Laptops are locked. Data is encrypted. That's why in fact we have insurance.
But a disgruntled or even careless employee could irreversibly damage an enterprise by letting happen (or deliberately causing) a data breach. All because the org didn't want to bother "dealing with" access controls.
Way more likely that someone presses that delete button in a temporary tantrum or by mistake than a coworker randomly trashing someone else's office (there are telling signs after all).
It's also way easier, cheaper and practical to prevent the first example than the second one.
Your employees may not be the problem. But their accounts with brute-forced passwords or shared credentials will be a problem once a 3rd party finds out.
Of course it's more useful, it's more useful to team members and to malicious users alike, but it's not useful for passing security audits and certifications.
I often say "We don't have (or use the) locks on our doors at our physical individual offices, but that doesn't mean any of us would go into someone elses office when they aren't there and trash everything on their desk. And it's not a problem. What makes electronic resources different?" [I know HN audience will now give me an exhaustive list of what makes electronic resources different; please don't bother; I know this approach doesn't always work. With physical offices either].
But I agree with you that that level of feature-crippling makes me want to all it more like demoware than open source.