Hidden posts show up in user profile


(probus) #1

When looking at the user profile of an admin as a regular user one can see all the hidden posts as well as the ‘topic is now invisible/unpinned…’ posts. One can see removed posts when looking at a user account similarly.

I think those should be visible to admins only? The pinned/unpinned/invisible just add clutter, maybe those could be moved to another tab than Posts?


(Jeff Atwood) #2

Two issues here

  1. seeing things you shouldn’t see (can you provide screenshot?)

  2. staff message posts vs. regular posts

The second item is a separate issue IMHO.

Note that there isn’t much of anything secret here, so stop trying to look in our forbidden closet of mystery!


(probus) #3

I was going to, but now it seems this might have been fixed already. My production site is running a bit older version than test site, and it looks like I can’t reproduce this in test. I will do an update on the production site and see if it fixes this.

edit. see below, this issue still exists.

Yes, that’s a separate issue and not really a bug but a feature request.

edit. sorry about this, the original issue still exists with hidden posts, just not with deleted posts.


(probus) #4

Ok, some screenshots. I made two posts as a regular user, one titled ‘this topic is spam’ and one ‘this is a topic I’m going to hide’. Then I flagged the first one as spam and hid it as admin and just regularly hid (as admin) the second one.

After that I took three screenshots as an unregistered not logged in user:

Screenshot of the users page (both topics are visible)

Screenshot of the admin page (the hiding of the topic is visible, you can follow it to view the topic)

Screenshot of what the spam topic looks like if I try to open it (garbled)

I forgot to make a screenshot of deleted topic, but it seems to disappear from view everywhere except for admin, as it should.


(Sam Saffron) #5

Fixed in latest

https://github.com/discourse/discourse/commit/e2d2a955dc101be38eb4a6941c7c0dfdd2c01c77


(Sam Saffron) #6

This topic was automatically closed after 24 hours. New replies are no longer allowed.