[Andrew] Moderator Panel

[Andrew] Moderator Panel 2.0.9

No permission to download
Overview FAQ Updates (52) Reviews (40) History Discussion
Hi Andrew, is there a feature that filters new registrations to see if the username is already in use? I have moderators who encounter a request for approval of a new registration that was "set aside for manual approval" because it uses a username already in use.

I'm trying to find out where that comes from, I thought maybe it was your addon?
 
creativeforge said:
Hi Andrew, is there a feature that filters new registrations to see if the username is already in use? I have moderators who encounter a request for approval of a new registration that was "set aside for manual approval" because it uses a username already in use.

I'm trying to find out where that comes from, I thought maybe it was your addon?
Click to expand...
No, this add-on does not do that. I am not aware how you would have users register for usernames that already exist.
 
AndrewSimm said:
No, this add-on does not do that. I am not aware how you would have users register for usernames that already exist.
Click to expand...
Thank you, a moderator asked me to find out how to disable that filter or maybe remove those notifications to moderators... I'll need to ask for a screenshot next time.

Thanks Andrew!
 
This is a nice Add-on, thank you for providing this :)

Methods Andrew\ModeratorPanel\Pub\Controller::actionIpAddresses() and Andrew\ModeratorPanel\Pub\Controller::actionIpUsers() do allow access for anyone who has permission to access the Panel.

Can this be changed to also take the existing permission $visitor->canViewIps() into account?
For legal reasons we can't allow moderators to access IP adresses, so this currently prevents us from being able to use this Add-on.

Similar changes for actionCurrentBan, actionWarnings and actionThreadBans would also be appreciated.

Further Issues
  • Templates andrew_moderatorpanel_dashboard_macros, andrew_moderatorpanel_macros, andrew_moderatorpanel_user_ban_list contain hardcoded text Edit ban
  • Duplicate phrases andrew_moderatorpanel_moderator_panel and andrew_moderator_panel
  • Typo phrase andrew_moderatorpanel_recently_regisered_users
  • There is w wrong condition check in Andrew\ModeratorPanel\Pub\Controller\ModeratorPanel::actionUserNotes() that does allow users that have either condition to view user notes; it probably should be only users that have both permissions - at least it shold by only users taht do have the permission to view user notes
    PHP: 
    if (!$visitor->canViewModeratorPanel() && !$visitor->canViewUserNotes())
{
    return $this->noPermission();
}
    As I'd consider this a security related bug it should be fixed in a timely manner.
  • It is still possible to search for IP adresses even if permission View IP addresses is not given
  • The dashboard shows "Activity blocks" for Active & Closed reports even if reports are being sent to a forum
    This seems unnecessary and confusing as those counters will both be zero all the time anyway in this case
  • Recent warnings does show an end date for timestamp 0 instead of phrase never for non-expiring warnings
 
Last edited:
Kirby said:
This is a nice Add-on, thank you for providing this :)

Methods Andrew\ModeratorPanel\Pub\Controller::actionIpAddresses() and Andrew\ModeratorPanel\Pub\Controller::actionIpUsers() do allow access for anyone who has permission to access the Panel.

Can this be changed to also take the existing permission $visitor->canViewIps() into account?
For legal reasons we can't allow moderators to access IP adresses, so this currently prevents us from being able to use this Add-on.

Similar changes for actionCurrentBan, actionWarnings and actionThreadBans would also be appreciated.

Further Issues
  • Templates andrew_moderatorpanel_dashboard_macros, andrew_moderatorpanel_macros, andrew_moderatorpanel_user_ban_list contain hardcoded text Edit ban
  • Duplicate phrases andrew_moderatorpanel_moderator_panel and andrew_moderator_panel
  • Typo phrase andrew_moderatorpanel_recently_regisered_users
  • There is w wrong condition check in Andrew\ModeratorPanel\Pub\Controller\ModeratorPanel::actionUserNotes() that does allow users that have either condition to view user notes; it probably should be only users that have both permissions - at least it shold by only users taht do have the permission to view user notes
    PHP: 
    if (!$visitor->canViewModeratorPanel() && !$visitor->canViewUserNotes())
{
    return $this->noPermission();
}
    As I'd consider this a security related bug it should be fixed in a timely manner.
  • It is still possible to search for IP adresses even if permission View IP addresses is not given
  • The dashboard shows "Activity blocks" for Active & Closed reports even if reports are being sent to a forum
    This seems unnecessary and confusing as those counters will both be zero all the time anyway in this case
  • Recent warnings does show an end date for timestamp 0 instead of phrase never for non-expiring warnings
Click to expand...
Thanks Kirby. I have a flight back home tomorrow and should be able to address most of this on Saturday and Sunday. I'll get out a release this weekend. Thanks for the detail.
 
Kirby said:
This is a nice Add-on, thank you for providing this :)

Methods Andrew\ModeratorPanel\Pub\Controller::actionIpAddresses() and Andrew\ModeratorPanel\Pub\Controller::actionIpUsers() do allow access for anyone who has permission to access the Panel.

Can this be changed to also take the existing permission $visitor->canViewIps() into account?
For legal reasons we can't allow moderators to access IP adresses, so this currently prevents us from being able to use this Add-on.

Similar changes for actionCurrentBan, actionWarnings and actionThreadBans would also be appreciated.

Further Issues
  • Templates andrew_moderatorpanel_dashboard_macros, andrew_moderatorpanel_macros, andrew_moderatorpanel_user_ban_list contain hardcoded text Edit ban
  • Duplicate phrases andrew_moderatorpanel_moderator_panel and andrew_moderator_panel
  • Typo phrase andrew_moderatorpanel_recently_regisered_users
  • There is w wrong condition check in Andrew\ModeratorPanel\Pub\Controller\ModeratorPanel::actionUserNotes() that does allow users that have either condition to view user notes; it probably should be only users that have both permissions - at least it shold by only users taht do have the permission to view user notes
    PHP: 
    if (!$visitor->canViewModeratorPanel() && !$visitor->canViewUserNotes())
{
    return $this->noPermission();
}
    As I'd consider this a security related bug it should be fixed in a timely manner.
  • It is still possible to search for IP adresses even if permission View IP addresses is not given
  • The dashboard shows "Activity blocks" for Active & Closed reports even if reports are being sent to a forum
    This seems unnecessary and confusing as those counters will both be zero all the time anyway in this case
  • Recent warnings does show an end date for timestamp 0 instead of phrase never for non-expiring warnings
Click to expand...
Just finished these updates. I am going to do some more testing tomorrow and then release the update.
 
AndrewSimm updated [Andrew] Moderator Panel with a new update entry:

Version 1.4.3

  • Updated hard coded "Edit Ban" to {{ phrase('edit_ban') }}
  • Removed phrase "andrew_moderatorpanel_moderator_panel" and replaces instances of it with andrew_moderator_panel
  • Fixed spelling of andrew_moderatorpanel_recently_regisered_users and removed duplicate phrase
  • Fixed incorrect operator on user note permission that could allow users with panel access but not user note access to view user notes
  • Warnings that never expire will show "Never" instead of a date in 1969...
Click to expand...

Read the rest of this update entry...
 
Kirby said:
This is a nice Add-on, thank you for providing this :)

Methods Andrew\ModeratorPanel\Pub\Controller::actionIpAddresses() and Andrew\ModeratorPanel\Pub\Controller::actionIpUsers() do allow access for anyone who has permission to access the Panel.

Can this be changed to also take the existing permission $visitor->canViewIps() into account?
For legal reasons we can't allow moderators to access IP adresses, so this currently prevents us from being able to use this Add-on.

Similar changes for actionCurrentBan, actionWarnings and actionThreadBans would also be appreciated.

Further Issues
  • Templates andrew_moderatorpanel_dashboard_macros, andrew_moderatorpanel_macros, andrew_moderatorpanel_user_ban_list contain hardcoded text Edit ban
  • Duplicate phrases andrew_moderatorpanel_moderator_panel and andrew_moderator_panel
  • Typo phrase andrew_moderatorpanel_recently_regisered_users
  • There is w wrong condition check in Andrew\ModeratorPanel\Pub\Controller\ModeratorPanel::actionUserNotes() that does allow users that have either condition to view user notes; it probably should be only users that have both permissions - at least it shold by only users taht do have the permission to view user notes
    PHP: 
    if (!$visitor->canViewModeratorPanel() && !$visitor->canViewUserNotes())
{
    return $this->noPermission();
}
    As I'd consider this a security related bug it should be fixed in a timely manner.
  • It is still possible to search for IP adresses even if permission View IP addresses is not given
  • The dashboard shows "Activity blocks" for Active & Closed reports even if reports are being sent to a forum
    This seems unnecessary and confusing as those counters will both be zero all the time anyway in this case
  • Recent warnings does show an end date for timestamp 0 instead of phrase never for non-expiring warnings
Click to expand...
This has all been fixed in version 1.4.3. I strongly encourage everyone to upgrade.
 
Great add-on, I have disabled an alternative (paid) add-on that has only a fraction of the features of this one. Thank you for releasing this.

I would personally like a feature where protected users' IP addresses are not shown, but I understand this is a bit of a niche request!
 
You must log in or register to reply here.

Similar threads

P
Tradionnal Chinese translation for [Andrew] Moderator Panel 2.0.9
Replies
3
Views
45
Yenxji
Yenxji
CommanderVex
  • Solved
XF 2.2 Moderator Panel Missing and more
Replies
2
Views
55
CommanderVex
CommanderVex
KhanTastic
  • Solved
XF 2.3 Can a moderator view admin panel of Xenforo?
Replies
4
Views
92
jeb35
J
Foxtrek_64
  • Suggestion Suggestion
Native Moderator Control Panel
Replies
8
Views
380
KSA
KSA
Pepe2012
  • Question Question
XF 2.0 Moderator Tools/Control Panel
Replies
2
Views
2K
SyTry
SyTry
Back
Top Bottom