I just noted that a few admin/moderator actions are not audited.
As an example Lock/Unlock user to Trust Level isn’t, but probably should be.
While we’re on the subject…
Blocks by the system user don’t have any context:
Delete post has no context (self-deleted in these cases):
Delete user reveals email address:
https://meta.discourse.org/t/privacy-email-of-deleted-users-displayed-in-staff-logs/39324
Also occurs with revoke email
.
3 separate logs for same event (spam topic/user):
Adding context should be a priority, @neil can you add to your list.
Yeah we should definitely try to include context whenever we add something in those logs. Added to my list.
I handled all the things mentioned in this topic.
- log lock/unlock trust level
- log activate/deactivate user
- context added for deleted post because author deleted
- stop displaying email addresses of deleted users. The screened emails list will show the emails of spammers/bad people.
- stop displaying email address for revoked email (can be found on user record as usual)
Were you able to handle this too?
Yes the context will include something like “blocked by staff” and “too many flags”, from the reason for the block.
While we’re at it, I’ll take the liberty of bumping this:
Can you confirm we are good here @neil and @erlend_sh?
Those look like email staged users to me, so system is perhaps cleaning up old staged users, can you confirm @zogstrip?
Confirmed and fixed