Front end tag management

Alpha1

Well-known member
Thread tags management is a task that requires the least amount of trust from all moderator and admin tasks. The workload can easily be deferred to lower ranking staff members or even a higher ranking non-staff members. From this perspective it would be very beneficial to have tags management in the front end, because then we are able to give the task to members without giving them admincp access.

If you consider that a tag database will grow to tens of thousands of tags then its easy to see why its beneficial to defer this 'monks task' of tag database sanitizing to a larger group of members. Or at least to not put it on the workload of the admin.

So please add tag management to the front end. Similar to how the post report center is in the front end.
 
Upvote 17
I will only give admin panel access to those who have earned a very high level of trust. Their IP will be whitelisted and they will be given htaccess password.

Tags moderation requires a much lower level of trust and also requires a significant number of people to be able to manage the workload. We are talking about dozens of users to manage 35,000 tags.
 
Putting the htaccess to one side for one moment. Pretend that didn't exist for a second. (I appreciate it matters, but I want to make a point).

Why is giving someone access to the Admin CP an issue of trust? They have permission to do one thing - manage tags. No more, no less.

There is a perception that giving someone access to the Admin CP on its own is going to all of a sudden open the flood gates for something bad to happen. It's not. Whether the tag management is on the front end or in the Admin CP it doesn't matter. It provides a solution to do what you want to do.

To a certain extent, this is why the role of Administrator is separated from the permissions we all think about when we think of an Administrator. This is why the permissions are so granular for Admins. You could give an absolute nobody access to your Admin CP and they'll only be able to do what you allow them to do.

Personally, I don't see the problem and I don't understand why it all of a sudden becomes an issue of trust.

The password, as much as that might matter, feels almost like an excuse, to me. You create a new login and password for that one user, and you white list their IP. When the job is done you delete them as an Administrator, un white list their IP and you remove their login. That, more than anything, is a minor inconvenience more than a reason not to do it.
 
First consider the amount of work needed to manage tens of thousands of tags. This means that dozens of people will need access to tag moderation tools. People who do not need a administrator label / status. Mind that giving someone administrator status has quite an impact on a community.

Tags are in itself front end functionality and often it is needed to go to the front end to see which threads are tagged with a tag.
Tags need inline moderation functionality very similar as inline thread management (search, merge, delete) so it also make sense to have tag moderator tools on the front end.

Even if you would be right that it matters not security wise if you give people admincp access or not,.. I don't think I am the only admin who tries to be as careful as possible with security and admin panel access. I want to keep a clear and easy overview of who is accessing admincp. Giving lower ranking members access to admincp just makes me very uncomfortable. I don't think I am the only one.

If I look back at the security vulnerabilities & exploits in core software and addons that I have seen in the last decade+ then there have been more than a few occasions where my site was not affected, because no one else has access to vbulletin admincp and no one knows where it is. Now with xenforo its basically impossible to restrict admincp access to myself, so this increases the risk to some degree. But opening the admin panel access up to a large number of lower ranking members just sounds like a very bad idea to me.
 
First consider the amount of work needed to manage tens of thousands of tags. This means that dozens of people will need access to tag moderation tools. People who do not need a administrator label / status. Mind that giving someone administrator status has quite an impact on a community.
This is the problem.

There's a fundamental misunderstanding of how Administrator's work.

If you add someone as an Administrator they have no extra permissions, they are not listed as staff and they are not labelled as an Administrator. They are simply a normalx user who has access to log in to another part of the site. There is no "status".

Giving lower ranking members access to admincp just makes me very uncomfortable. I don't think I am the only one.
Past experiences will likely explain this, somewhat, but when looking at XenForo it is a somewhat irrational fear.

I just don't want people to have this all too common misconception that an Administrator in itself welcomes a whole host of risks or implies any sort of special status.

I don't want to take this thread off track, of course, it's a valid suggestion. But in the meantime, there is scope for delegating that task to "lower ranking" members if you want to. It's an option, at least, available now (for any task which carries a specific Admin CP permission) should you feel it is appropriate.
 
Consider the possibility of a XSS exploit that allows admin permissions to be overridden. In such case, would you prefer to have admincp access restricted to yourself, a few trusted staff members or a large number of lower ranking members?

Do you see my point?
 
There's no denying XSS exploits can happen. If we lived in constant fear of XSS eploits enabling users to elevate or bypass their permissions, then we'd never let any sort of scripting code go anywhere, front end or back end.

You can still mitigate the risks. Although you could let "Newbie15" straight into your Admin CP and nothing bad happen, I wouldn't blame you for at least some sort of due diligence. Though we're not talking about random people, here, as your suggestion was to allow low ranking staff or high ranking users to perform this task. That, I feel, as long as it's a measured "risk" as to who you're letting do it is enough to mitigate most of the concern.

No one's going to force you to do that, though, of course :) As I said, it's a valid suggestion and in the meantime my idea is a valid workaround I just thought I should point out.
 
Exploits will happen. IMO limiting admincp access is good practice. The more people who have acp access, the higher the risk of getting hacked. Due diligence is needed but also very limited over the internet.
 
Chipping in.
If forum helpers have to be manually made admins rather than allowing, say, 'Well-Known Members' have access to limited management tools, then that could potentially be a lot of work.

And the admincp, while nice and responsive now, is still a new interface. Not ideal that people have to access a different url and different UI.

Whereas being able to click a 'Manage' link against all tags shown anywhere on the front end and being presented with a management modal or taken to a management page on the front end does feel nicer.
 
using this logic, i have to wonder why moderators arent required to log into the acp to edit threads?
Your argument is completely flawed. The tags management page currently only appears in the ACP and managing tags is completely different to adding tags to threads. Posts appear in the front end only and editing is pretty much the same functionality as writing, plus users can edit their posts, not just moderators. If you're going to argue in favour of something, at least use a sensible analogy as it'll likely get more credence from the XenForo devs.
 
Last edited:
I realize this is a core suggestion but for those of you with Moderator Essentials, this is included in 1.6.0 (should be released in a week or two)..... Along with a couple of other features, most of which you can gather from this screenshot;

upload_2015-7-13_14-35-37.webp
 
I just don't want people to have this all too common misconception that an Administrator in itself welcomes a whole host of risks or implies any sort of special status.
This isn't correct. The is_admin flag on an account grants a powerful set of rights which are not gated by any permission set.
  • They can't be warned.
  • They can't be banned.
  • They can pick any style (even if it isn't published)
  • Email bounce processing doesn't affect them.
  • They will see privileged information on any errors
  • They can always set a custom title
 
Last edited:
Being unable to warn and ban an admin is possible - after being demoted. If you're at the point where you need to ban or warn someone, you're likely going to be at the point where they should no longer be an admin.

The style choice and email bounce things are pretty minor.

The extended error information is slightly more of a consideration, but still not one I would (personally) call a risk.

The custom title one is not correct. That's entirely permission controlled.

What I said is correct, in my opinion. There are no risks and there is no special status, as such. My main point is there has often been a misconception that making someone an admin gives them full moderator abilities, full edit abilities to change anything they want. That definitely isn't the case, so should you want to give users (which may well just be some of your trusted moderators) the ability to help out with this, then you could. If you don't want to do that, don't :)
 
Your argument is completely flawed. The tags management page currently only appears in the ACP and managing tags is completely different to adding tags to threads. Posts appear in the front end only and editing is pretty much the same functionality as writing, plus users can edit their posts, not just moderators. If you're going to argue in favour of something, at least use a sensible analogy as it'll likely get more credence from the XenForo devs.
i think its a perfectly logical question. after all, i can moderate/manage tags from the frontend using the third-party tag addon.
 
...Their IP will be whitelisted and they will be given htaccess password.
Just a quick question, I basically understand how to use htaccess to protect the AdminCP with an additional login required, but can one protected directory have more than just a single required login? For instance, say AdminA & PasswordA; AdminB & PasswordB where either one could access the AdminCP with their separate credentials.
 
Just a quick question, I basically understand how to use htaccess to protect the AdminCP with an additional login required, but can one protected directory have more than just a single required login? For instance, say AdminA & PasswordA; AdminB & PasswordB where either one could access the AdminCP with their separate credentials.
Yes, just add more passwords to the .htpassword file.
 
If you're at the point where you need to ban or warn someone, you're likely going to be at the point where they should no longer be an admin.
Actually, this is not the case. When it comes to banning then you are right. When it comes to warning then you are wrong, because when I look at the members who have really helped out well with massive repetitive tasks on my forum, then those are very often members that need a warning every few years. Tag management is a benign responsibility. If a member receives a small warning then in most cases that does not have any bearing on their ability to correctly manage tags. But members who have permission to manage tags should be subject to the warning system.

You've pointed out why members with tag managing permission should not be admins.
 
Back
Top Bottom