Log more admin actions

I just noted that a few admin/moderator actions are not audited.
As an example Lock/Unlock user to Trust Level isn’t, but probably should be.

8 Likes

While we’re on the subject…

Blocks by the system user don’t have any context:

Delete post has no context (self-deleted in these cases):

Delete user reveals email address:
https://meta.discourse.org/t/privacy-email-of-deleted-users-displayed-in-staff-logs/39324
Also occurs with revoke email.

3 separate logs for same event (spam topic/user):

4 Likes

Adding context should be a priority, @neil can you add to your list.

3 Likes

Yeah we should definitely try to include context whenever we add something in those logs. Added to my list.

8 Likes

I handled all the things mentioned in this topic.

  • log lock/unlock trust level
  • log activate/deactivate user
  • context added for deleted post because author deleted
  • stop displaying email addresses of deleted users. The screened emails list will show the emails of spammers/bad people.
  • stop displaying email address for revoked email (can be found on user record as usual)
12 Likes

Were you able to handle this too?

4 Likes

Yes the context will include something like “blocked by staff” and “too many flags”, from the reason for the block.

6 Likes

While we’re at it, I’ll take the liberty of bumping this:

2 Likes

Can you confirm we are good here @neil and @erlend_sh?

1 Like

I’m still seeing some system deletions with empty descriptions, which is quite confusing:

3 Likes

Those look like email staged users to me, so system is perhaps cleaning up old staged users, can you confirm @zogstrip?

2 Likes

Confirmed :heavy_check_mark: and fixed :wink:

5 Likes