Show Emails - Staff Actions problem in the wings?


(Mittineague) #1

We are due to upgrade versions soon so we have been checking on staging.

<rant>
I don’t know why trusted Moderators can’t simply be able to see email addresses, anyway …
</rant>

On the User lists is a “Show Emails” button. Better than naught.

TBH I expected I’d have seen someone currently on the latest version have already brought this up, maybe no other site uses the Logs -> Staff Actions page?

Sometimes we use the page as a “paper trail” i.e. who did what when, get a Deleted topics URL, an account’s IP etc.

The User Lists currently display 200 results.
Staff Actions currently displays 200 results.

Staff Actions has

Click usernames and actions to filter the list. Click avatars to go to user pages.

Though not always ideal, it usually works fine for homing in on what we’re after.

However, …
If a Moderator clicks Show Emails, Staff Actions becomes entirely populated with 200 rows of
Mod_Name - check email
which IMHO renders the page useless.

Maybe one entry per check instead of one entry per email is possible?
Maybe a way to filter other than by clicking on name / action ?


(Jeff Atwood) #2

The current version allows you to export all rows in any of these tabs, via pressing the “Export” button.


(Arpit Jalan) #3

I moved 8 posts to a new topic: Export CSV not working on Staff Action logs tab


(Jeff Atwood) #4

Why not extend the export to staff? If they can see the data in their browser, what is the logic that disallows them from exporting it? Can you change that @techapj it makes no sense.


(cpradio) #5

Granted, I’m not a fan of having to export data, open it outside of my browser and then act on what I find. That’s a lot of steps when we have a UI that does infinite scrolling everywhere else.

The admin lists just need the same capability, imho.


(Mittineague) #6

I have localhost scripts. A bit of trouble opening the files, downloading them, and then working with them, but doable for me in a pinch.


(Jeff Atwood) #7

Wouldn’t you want to filter the list to:

  • that staff member
  • that topic URL
  • that IP

… first? I’m unclear why you would need 200+ rows of history on a particular staff member, topic URL, or IP…?

@cpradio regardless, the admin restriction makes no sense… if mods can see it, why can’t they export it? These are two different issues.


(Mittineague) #8

Yes, that would be fine with me, and usually works well enough as long as we don’t want to go too far back in time.

But if every row is
Mittineague - check email
and the only way to filter is by clicking on
Mittineague - check email
I can’t find the URL of the post cpradio or TechnoBear Deleted to compare link drop, IP etc.

200 rows doesn’t go back very far (~a few days), especially if not filtered.


(Jeff Atwood) #9

So the real problem, getting to the root here, is that the staff logs are polluted by thousands or millions of “check email” records?


(Mittineague) #10

Yes, 200 every time a Mod clicks Show Emails


(Jeff Atwood) #11

Ok so @zogstrip what we should do here is probably just have one show email record from clicking the button on that page, not hundreds. And we should delete all the old records from the DB to clear them out.


(cpradio) #12

I completely agree. I also appreciate making the show emails button be one action instead of 200.

The fact that our community is fairly active means we occasionally only get a day or two of history. I’d prefer to have a weeks worth to a months worth at a minimum. As I find myself routinely looking in that direction over that length of time.


(Régis Hanol) #17

https://github.com/discourse/discourse/commit/bfbc49ef6fdfbf1ad93c8fec203d8d4535f03428


(Dan Dascalescu) #18

Just curious - why would an admin have to click “Show emails” to see the emails? I’ve read about the number of queries, from from a purely UX perspective, this seems like an unnecessary button? Is its existence caused by a technical limitation?


(Jeff Atwood) #19

Depends how many admins you have, I suppose, but we’d rather err on the side of safety.


(Kane York) #20

The main reason is to prevent accidental disclosure of emails to people who aren’t the admin in question. For example, a transparent intercepting HTTP proxy harvesting email addresses, or just over-the-shoulder.

The action of viewing a user’s email is also logged.


(Pavel Minaev) #21

It looks like moderators don’t get the button to show one particular user’s email when viewing the admin user page for that user. It’s there for admins, just not moderators.

It’s weird because they can still go to the list of all users, and click “Show Emails” there. But that button exposes emails for everyone on the list - we would prefer to use the single-user workflow when possible, because that limits PII exposure, and also because the logs are then clearer (since they reference the specific user whose email was seen).


(cpradio) #22

Hmm… anything special about the user? Are they indicated as active? Are they also staff? Is it a staged account?


(Pavel Minaev) #23

Nothing special. A user account created in a regular way (by joining), then granted trust level 4 and moderator privileges. Shows on the list of active users, and staff. I sent them a screenshot of how the profile page should look like, and they say that it’s exactly the same, except that they just don’t get the email field in it - at all. Tried opening a few different user accounts, email is missing for all of them.


(cpradio) #24

I can’t repro this. I setup a Moderator as TL 4 and went to Admin > Users and I see the Show button for the email address. I also see it on the Public Profile page.

Have you tried impersonating that user to see if you can see it when logged in as them?