"Requires attention" PMs are not visible to new mods


(Kane York) #1

Continuing the discussion from Moderators can access PMs that they are not invited to:

Reproduction steps:

  1. Flag a topic with a custom reason
  2. Appoint a new moderator (Test Account Blue)
  3. New moderator visits flags page
  4. New moderator clicks “Reply”

(This page also demonstrates another bug: Moderators still get the flag notifications for topics they don’t have access to, which they can’t view or handle the flags on. Not a big information leak, but quite the annoyance.)

I think it’s about time that we got group-based PM permissions that persist across group membership changes, even if there’s no UI frontend to create that kind of PMs and they are only created through flagging.

Here’s my Crappy Mockup™:

(6. The flag is still visible to mods appointed before the flag occured, as Test Account Orange was)


(Jeff Atwood) #2

So the real bug is that newly appointed moderators can’t see old PMs directed to the moderator group, created before they were moderators?

Pretty narrow case you’ve got going there.


(cpradio) #3

I don’t know about it being narrow. In active communities, we look for new staff members to replace ones stepping down fairly frequently (easily a few times a year). But more common than that, we actively seek new ones to help maintain the ever growing community.


(Neil Lalonde) #4

That case would be annoying on a site with a backlog of notify_moderators flags that have been neglected by the existing admins and moderators. Group-based permissions would be useful here, but I don’t think this edge case makes it an urgent feature.


(cpradio) #5

I’d be okay with it being put on the backlog so long as it stays on the radar to be fixed at some point :smile:


(Dave McClure) #6

I agree that this would be a great feature to have some day, not only for the reason you mentioned here, but just in general for group communication.

It’d be nice to be able to @mention or PM groups without having them expand.

One more nail in the coffin for mailing lists.

Sounds like a feature request, though.


(Jens Maier) #7

Full-on ACL-based authorization with fine-grained authorization tokens, multi-level inheritable roles and selectable inheritance for categories and sub-categories? :wink:

All joking aside, a reasonable midway between the current authorization model and, oh, let’s say Windows ACLs for the heck of it, would be a welcome feature for me.


(Jeff Atwood) #8

Pretty sure @zogstrip’s work on revamping flags UI fixed this.


(Jeff Atwood) #9