Banning privilege to moderator

[WebCMS]

I saw the Unban privilege but no Ban privilege to mods. Is Ban privilege default true for mods to ban members?

Moderator is able to ban members. Moderator is not privileged to ban Admins and other Moderators (ok).

But a Restricted Moderator is able to ban a Moderator in ACP. Is there a way to config this properly so a Restricted Moderator should not be allowed to ban a Moderator?

Edited January 11 by WebCMS

[Marc Stridgen]

7 hours ago, WebCMS said:

But a Restricted Moderator is able to ban a Moderator in ACP. Is there a way to config this properly so a Restricted Moderator should not be allowed to ban a Moderator?

Anyone who has access to the admin CP is a restricted admin, not a restricted moderator. Only trusted users should be given access to the admin CP. Anyone with access to the members section in the admin CP can indeed ban any members, including other admin

Essentially, you are asking how to prevent people who you have given access to your safe, how to prevent them taking your money. The answer is, dont give them access to your safe.

[WebCMS]

The same restricted moderator is not being allowed to ban other restricted moderators.

But restricted moderators are able to ban moderators with default privileges. Logically, the restricted moderator has limited privileges than the moderator with default/full mod privileges.

Apparently, the privileges are not validated properly while rendering the Ban button on member/moderator detail page?

I did not see "Can ban other member groups" setting for Moderators (there is only Unban setting)

Is banning available only in ACP or ModCP too?

Edited January 11 by WebCMS

[Jim M]

54 minutes ago, WebCMS said:

The same restricted moderator is not being allowed to ban other restricted moderators.

But restricted moderators are able to ban moderators with default privileges. Logically, the restricted moderator has limited privileges than the moderator with default/full mod privileges.

Apparently, the privileges are not validated properly while rendering the Ban button on member/moderator detail page?

I did not see "Can ban other member groups" setting for Moderators (there is only Unban setting)

Is banning available only in ACP or ModCP too?

If you allow your moderators to warn other staff members or flag them as a spammer then they would be able to potentially ban them, again if you allow that via warning or flag as spammer.

However, access to the ACP should only be given to those who need it and you all out trust. Not every staff member. Anyone in the ACP can ban anyone (except themselves).

[WebCMS]

1 hour ago, WebCMS said:

But restricted moderators are able to ban moderators with default privileges. Logically, restricted moderator has limited privileges than the moderator with default/full mod privileges.

I did not see "Can ban other member groups" setting for Moderators (there is only Unban setting)

I was pointing out the inconsistent behavior.

6 minutes ago, Jim M said:

However, access to the ACP should only be given to those who need it and you all out trust. Not every staff member. Anyone in the ACP can ban anyone (except themselves).

Restricted moderator is not being allowed to ban self, other restricted moderators and admins (expected behavior) but is able to ban default moderators.

[Jim M]

Could you please provide an exact example of what a particular user is attempting to do to another user and where they are doing? We can then review your settings and let you know if it is intended or not. We are still lacking who/what/when/where so answering your question about inconsistency or resolving it is not possible.

[WebCMS]

Setting up a test case -

Creator a moderator with default privileges (DMOD).

Creator 2 moderators with restricted privileges (RMOD1, RMOD2).

Log into ACP using restricted moderator account RMOD1.

1) You would see the restricted moderator RMOD1 is not able to ban self, other restricted moderators (RMOD2) and admin (expected behavior).

2) Restricted moderator RMOD1 is able to ban members (expected behavior).

3) But the restricted moderator RMOD1 is able to ban moderator with default privileges (DMOD). There is a Ban button on the DMOD's detail page in ACP and RMOD1 is able to ban DMOD.

HTH

Edited January 11 by WebCMS

[teraßyte]

You are mixing up the terms here. If they can login into ACP they are restricted admins rather than restricted moderators. 🙄

 

Admins = Admin CP

Moderators = Front End

Edited January 11 by teraßyte

[Jim M]

2 minutes ago, WebCMS said:

Setting up a test case -

Creator a moderator with default privileges (DMOD).

Creator 2 moderators with restricted privileges (RMOD1, RMOD2).

Log into ACP using restricted moderator account RMOD1.

You would see the restricted moderator RMOD1 is not able to ban self, other restricted moderators (RMOD2) and admin (expected behavior).

Restricted moderator RMOD1 is able to ban members (expected behavior).

But the restricted moderator RMOD1 is able to ban moderator with default privileges (DMOD). There is a Ban button on the DMOD's detail page in ACP and RMOD1 is able to ban DMOD.

HTH

Already, there is confusion because moderators do not have access to the ACP. Thus, you are providing more access to these users.

[WebCMS]

Restricted moderators are given access to ACP to approve pending members in the absence of Admin. I understand they are restricted admins.

The inconsistent behavior is in point # 3 below

7 minutes ago, WebCMS said:

Log into ACP using restricted moderator account RMOD1.

1) You would see the restricted moderator RMOD1 is not able to ban self, other restricted moderators (RMOD2) and admin (expected behavior).

2) Restricted moderator RMOD1 is able to ban members (expected behavior).

3) But the restricted moderator RMOD1 is able to ban moderator with default privileges (DMOD). There is a Ban button on the DMOD's detail page in ACP and RMOD1 is able to ban DMOD.

HTH

 

Edited January 11 by WebCMS

[Jim M]

3 minutes ago, WebCMS said:

Restricted moderators are given access to ACP to approve pending members in the absence of Admin. I understand they are restricted admins.

The inconsistent behavior is in point # 3 below

 

Could you please provide example user's on your community which are configured in this manner? We can then see what you have exactly configured. This may be easier than trying to eliminate terminology here and what you may have restricted. 

[WebCMS]

17 minutes ago, Jim M said:

Could you please provide example user's on your community which are configured in this manner? We can then see what you have exactly configured. This may be easier than trying to eliminate terminology here and what you may have restricted. 

Tried to PM you access details but it says you cannot receive messages.

I saw this issue of "cannot receive messages" with some users on other IC forums. Under what circumstances is messaging disabled for some users only while other users can receive PMs? Is it disabled by the user himself or admin for some users?

Edited January 11 by WebCMS

[Jim M]

6 minutes ago, WebCMS said:

Tried to PM you access details but it says you cannot receive messages.

You can post the display name or user ID here. We do not need access information as we are on cloud. We just need to review the permissions.

6 minutes ago, WebCMS said:

I saw this issue of "cannot receive messages" with some users on other IC forums. Under what circumstances is messaging disabled for some users only while other users can receive PMs? Is it disabled by the user himself or admin for some users?

I have disabled my messages.

[WebCMS]

Restricted Moderators: MOD1, MOD2, MOD3 (no Ban button on their detail pages)

Default Moderator: MANAGER (Ban button rendered on this moderator's detail page when logged in using above IDs)

[Jim M]

14 minutes ago, WebCMS said:

Restricted Moderators: MOD1, MOD2, MOD3 (no Ban button on their detail pages)

Default Moderator: MANAGER (Ban button rendered on this moderator's detail page when logged in using above IDs)

MANAGER is not an administrator so would be able to be banned. This likely stems from your terminology understandings. Keep in mind an administrator is someone who can access the ACP.

[Marc Stridgen]

14 hours ago, Jim M said:

MANAGER is not an administrator so would be able to be banned. This likely stems from your terminology understandings. Keep in mind an administrator is someone who can access the ACP.

This is the issue here in your understanding. To clarify

15 hours ago, WebCMS said:

Restricted moderators are given access to ACP to approve pending members in the absence of Admin.

 

The statement there is somewhat incorrect. A restricted moderator who is given access to the ACP "Is" an admin. By definition an administrator is a member who has been granted access to the admin CP in any way. The way permissions work are as pointed out above

15 hours ago, teraßyte said:

Admins = Admin CP

Moderators = Front End

So a member can be BOTH an admin, and a moderator. In fact technically an administrator could have no moderation capability on the front end if you really wanted (not that there would be much point in this)

[WebCMS]

Are there any plans on the roadmap to provide moderators the option to approve new members and ban existing "members" in the ModCP to keep them out of ACP? If your code is reusable, it is a matter of calling it for mods from ModCP.  For a site like ic.com the existing functionality might work but most general purpose forum sites use moderators who are online, anonymous and volunteers from around the world who work for free and they are not known to admins personally.

There is usually a single Admin for a site and it is difficult when he is not available and new members are awaiting approval of their accounts. The site would become virtually DEAD as far as growth is concerned during the non-availability of the Admin which is a big bummer! If approving of new accounts can be delegated to mods, it would resolve the issue.

If the new registrations are set to require member to confirm their registration before approval, mods should be made to wait for that step to finish, then receive a mod notification before they can a approve new account. Mods should be able to view the email address before approving the new account.

For a complex software like IC, I guess this is an outstanding issue.

Edited January 14 by WebCMS

[Jim M]

45 minutes ago, WebCMS said:

For a site like ic.com the existing functionality might work but most general purpose forum sites use moderators who are online, anonymous and volunteers from around the world who work for free and they are not known to admins personally.

Why do you need to review every single member who registers? Why not just do email validation and moderate the users first post if you're worried about someone coming in and doing harm? There's no reason to "jail" someone until they've done something wrong. Especially, if your community is starting out, you don't want to put more barriers on your new users.

Personally, I would just let them register until you're met with a reason to stiffen up your community registration process.

Would state that a vast majority of our clients do not use administrator validation. It is there for an extreme case of either misuse, or you only want to cater to an extremely small niche and need to validate the registration form before letting them in. For the latter, they have a set of trusted users doing that or are overseeing that themselves as the community administrator till they have a full set of trusted users.

You may wish to review our recommendations/statements in your Feedback topic regarding this 😉 .

[WebCMS]

On 1/14/2024 at 12:48 PM, Jim M said:

Why do you need to review every single member who registers? Why not just do email validation and moderate the users first post if you're worried about someone coming in and doing harm? There's no reason to "jail" someone until they've done something wrong. Especially, if your community is starting out, you don't want to put more barriers on your new users.

Personally, I would just let them register until you're met with a reason to stiffen up your community registration process.

Would state that a vast majority of our clients do not use administrator validation. It is there for an extreme case of either misuse, or you only want to cater to an extremely small niche and need to validate the registration form before letting them in. For the latter, they have a set of trusted users doing that or are overseeing that themselves as the community administrator till they have a full set of trusted users.

You may wish to review our recommendations/statements in your Feedback topic regarding this 😉 .

Yeah, our's is a very small niche community. There is no reason for someone using mail.ru registering on our site.

Anyways, I set -

"Allow new registrations?" to Yes, with quick registration (Recommended)

"Validation method for new accounts" to Email validation (Recommended)

but see new registrations still coming up for Admin validation with an email notification to Admin.

I created another topic earlier that "Email and administrator validation" does not work as expected as it goes straight to admin validation skipping email validation step and @Marc Stridgen verified it and created a ticket for it.

Please advise...

[Jim M]

2 minutes ago, WebCMS said:

I created another topic earlier that "Email and administrator validation" does not work as expected as it goes straight to admin validation skipping email validation step and @Marc Stridgen verified it and created a ticket for it.

Do you have a link to that topic? I do not see a topic or ticket titled like that but, of course, could be missing something.

4 minutes ago, WebCMS said:

There is no reason for someone using mail.ru registering on our site.

Would simply add that as a banned email address in ACP -> Members -> Ban Settings.

[WebCMS]

Here you go...

 

1 hour ago, Jim M said:

Would simply add that as a banned email address in ACP -> Members -> Ban Settings.

Under Ban Settings, one of the options is "Non-registrable email address".

Do I need to enter the complete email address or just mail.ru?

I wouldn't know the complete email address of future members.

[Jim M]

6 minutes ago, WebCMS said:

Here you go...

Thank you! That issue is still open with our developers, I'm afraid.

6 minutes ago, WebCMS said:

Under Ban Settings, one of the options is "Non-registrable email address".

Do I need to enter the complete email address or just mail.ru?

You can use the * as a wildcard so *@mail.ru would work.

[WebCMS]

I'm wondering why the recommended settings are still making registrations go through admin validation and why none of your other clients reported it. Is my site the only one having this issue?

[Marc Stridgen]

8 hours ago, WebCMS said:

I'm wondering why the recommended settings are still making registrations go through admin validation and why none of your other clients reported it. Is my site the only one having this issue?

We would need specific examples. At present, the only issue outstanding is the bug you reported in the topic you linked to above. If thats the issue you are referring to, then that is still an open bug

[WebCMS]

No, this is a different issue.

As mentioned above, I set -

"Allow new registrations?" to Yes, with quick registration (Recommended)

"Validation method for new accounts" to Email validation (Recommended)

but still see new registrations still coming up for Admin validation with an email notification to Admin.

Please advise...