
Front end tag management

Discussion in 'XenForo Suggestions' started by Alfa1, Jun 26, 2015.

  1. Alfa1

    Alfa1 Well-Known Member

    Thread tags management is a task that requires the least amount of trust from all moderator and admin tasks. The workload can easily be deferred to lower ranking staff members or even higher ranking non-staff members. From this perspective it would be very beneficial to have tags management in the front end, because then we are able to give the task to members without giving them admincp access.

    If you consider that a tag database will grow to tens of thousands of tags then it's easy to see why it's beneficial to defer this 'monks task' of tag database sanitizing to a larger group of members. Or at least to not put it on the workload of the admin.

    So please add tag management to the front end. Similar to how the post report center is in the front end.
     
  2. Chris D

    Chris D XenForo Developer Staff Member

    Just give them access to the Admin CP:

    upload_2015-6-26_21-14-9.png

    upload_2015-6-26_21-15-31.png
     
    adwade, semprot and Veer like this.
  3. Alfa1

    Alfa1 Well-Known Member

    I will only give admin panel access to those who have earned a very high level of trust. Their IP will be whitelisted and they will be given htaccess password.

    Tags moderation requires a much lower level of trust and also requires a significant number of people to be able to manage the workload. We are talking about dozens of users to manage 35,000 tags.
     
    RhysR likes this.
  4. Chris D

    Chris D XenForo Developer Staff Member

    Putting the htaccess to one side for one moment. Pretend that didn't exist for a second. (I appreciate it matters, but I want to make a point).

    Why is giving someone access to the Admin CP an issue of trust? They have permission to do one thing - manage tags. No more, no less.

    There is a perception that giving someone access to the Admin CP on its own is going to all of a sudden open the flood gates for something bad to happen. It's not. Whether the tag management is on the front end or in the Admin CP it doesn't matter. It provides a solution to do what you want to do.

    To a certain extent, this is why the role of Administrator is separated from the permissions we all think about when we think of an Administrator. This is why the permissions are so granular for Admins. You could give an absolute nobody access to your Admin CP and they'll only be able to do what you allow them to do.

    Personally, I don't see the problem and I don't understand why it all of a sudden becomes an issue of trust.

    The password, as much as that might matter, feels almost like an excuse, to me. You create a new login and password for that one user, and you white list their IP. When the job is done you delete them as an Administrator, un white list their IP and you remove their login. That, more than anything, is a minor inconvenience more than a reason not to do it.
     
    Liam W likes this.
  5. Alfa1

    Alfa1 Well-Known Member

    First consider the amount of work needed to manage tens of thousands of tags. This means that dozens of people will need access to tag moderation tools. People who do not need an administrator label / status. Mind that giving someone administrator status has quite an impact on a community.

    Tags are in itself front end functionality and often it is needed to go to the front end to see which threads are tagged with a tag.
    Tags need inline moderation functionality very similar to inline thread management (search, merge, delete) so it also makes sense to have tag moderator tools on the front end.

    Even if you would be right that it matters not security wise if you give people admincp access or not, I don't think I am the only admin who tries to be as careful as possible with security and admin panel access. I want to keep a clear and easy overview of who is accessing admincp. Giving lower ranking members access to admincp just makes me very uncomfortable. I don't think I am the only one.

    If I look back at the security vulnerabilities & exploits in core software and addons that I have seen in the last decade+ then there have been more than a few occasions where my site was not affected, because no one else has access to vbulletin admincp and no one knows where it is. Now with xenforo its basically impossible to restrict admincp access to myself, so this increases the risk to some degree. But opening the admin panel access up to a large number of lower ranking members just sounds like a very bad idea to me.
     
    RDR likes this.
  6. Chris D

    Chris D XenForo Developer Staff Member

    This is the problem.

    There's a fundamental misunderstanding of how Administrators work.

    If you add someone as an Administrator they have no extra permissions, they are not listed as staff and they are not labelled as an Administrator. They are simply a normal user who has access to log in to another part of the site. There is no "status".

    Past experiences will likely explain this, somewhat, but when looking at XenForo it is a somewhat irrational fear.

    I just don't want people to have this all too common misconception that an Administrator in itself welcomes a whole host of risks or implies any sort of special status.

    I don't want to take this thread off track, of course, it's a valid suggestion. But in the meantime, there is scope for delegating that task to "lower ranking" members if you want to. It's an option, at least, available now (for any task which carries a specific Admin CP permission) should you feel it is appropriate.
     
    Daniel Hood likes this.
  7. Alfa1

    Alfa1 Well-Known Member

    Consider the possibility of a XSS exploit that allows admin permissions to be overridden. In such case, would you prefer to have admincp access restricted to yourself, a few trusted staff members or a large number of lower ranking members?

    Do you see my point?
     
  8. Chris D

    Chris D XenForo Developer Staff Member

    There's no denying XSS exploits can happen. If we lived in constant fear of XSS exploits enabling users to elevate or bypass their permissions, then we'd never let any sort of scripting code go anywhere, front end or back end.

    You can still mitigate the risks. Although you could let "Newbie15" straight into your Admin CP and nothing bad happen, I wouldn't blame you for at least some sort of due diligence. Though we're not talking about random people, here, as your suggestion was to allow low ranking staff or high ranking users to perform this task. That, I feel, as long as it's a measured "risk" as to who you're letting do it is enough to mitigate most of the concern.

    No one's going to force you to do that, though, of course :) As I said, it's a valid suggestion and in the meantime my idea is a valid workaround I just thought I should point out.
     
    Alfa1 likes this.
  9. Alfa1

    Alfa1 Well-Known Member

    Exploits will happen. IMO limiting admincp access is good practice. The more people who have acp access, the higher the risk of getting hacked. Due diligence is needed but also very limited over the internet.
     
  10. Stuart Wright

    Stuart Wright Well-Known Member

    Chipping in.
    If forum helpers have to be manually made admins rather than allowing, say, 'Well-Known Members' have access to limited management tools, then that could potentially be a lot of work.

    And the admincp, while nice and responsive now, is still a new interface. Not ideal that people have to access a different url and different UI.

    Whereas being able to click a 'Manage' link against all tags shown anywhere on the front end and being presented with a management modal or taken to a management page on the front end does feel nicer.
     
    Xon and Alfa1 like this.
  11. dieketzer

    dieketzer Well-Known Member

    using this logic, i have to wonder why moderators arent required to log into the acp to edit threads?
     
    Alfa1 likes this.
  12. Martok

    Martok Well-Known Member

    Your argument is completely flawed. The tags management page currently only appears in the ACP and managing tags is completely different to adding tags to threads. Posts appear in the front end only and editing is pretty much the same functionality as writing, plus users can edit their posts, not just moderators. If you're going to argue in favour of something, at least use a sensible analogy as it'll likely get more credence from the XenForo devs.
     
    Last edited: Jul 13, 2015
  13. Daniel Hood

    Daniel Hood Well-Known Member

    I realize this is a core suggestion but for those of you with Moderator Essentials, this is included in 1.6.0 (should be released in a week or two)..... Along with a couple of other features, most of which you can gather from this screenshot;

    upload_2015-7-13_14-35-37.png
     
    Enguerran A likes this.
  14. Xon

    Xon Well-Known Member

    This isn't correct. The is_admin flag on an account grants a powerful set of rights which are not gated by any permission set.
    • They can't be warned.
    • They can't be banned.
    • They can pick any style (even if it isn't published)
    • Email bounce processing doesn't affect them.
    • They will see privileged information on any errors
    • They can always set a custom title
     
    Last edited: Jul 14, 2015
  15. Chris D

    Chris D XenForo Developer Staff Member

    Being unable to warn and ban an admin is possible - after being demoted. If you're at the point where you need to ban or warn someone, you're likely going to be at the point where they should no longer be an admin.

    The style choice and email bounce things are pretty minor.

    The extended error information is slightly more of a consideration, but still not one I would (personally) call a risk.

    The custom title one is not correct. That's entirely permission controlled.

    What I said is correct, in my opinion. There are no risks and there is no special status, as such. My main point is there has often been a misconception that making someone an admin gives them full moderator abilities, full edit abilities to change anything they want. That definitely isn't the case, so should you want to give users (which may well just be some of your trusted moderators) the ability to help out with this, then you could. If you don't want to do that, don't :)
     
  16. dieketzer

    dieketzer Well-Known Member

    i think its a perfectly logical question. after all, i can moderate/manage tags from the frontend using the third-party tag addon.
     
    Alfa1 likes this.
  17. adwade

    adwade Active Member

    Just a quick question, I basically understand how to use htaccess to protect the AdminCP with an additional login required, but can one protected directory have more than just a single required login? For instance, say AdminA & PasswordA; AdminB & PasswordB where either one could access the AdminCP with their separate credentials.
     
  18. Martok

    Martok Well-Known Member

    Yes, just add more passwords to the .htpassword file.
     
    adwade and Alfa1 like this.
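
The setup discussed in the two posts above (separate logins per admin, combined with the IP whitelist mentioned earlier in the thread), as an added example that is not part of any post in this thread. It assumes Apache 2.4 and XenForo's `admin.php` entry point; the file path and IP addresses are constructed placeholders.

```apache
# .htaccess in the forum root (added example; Apache 2.4 syntax assumed).
#
# Create one password-file entry per admin so each login can be revoked
# individually and shows up under its own name in the access log:
#
#   htpasswd -c -B /path/outside/webroot/.htpasswd AdminA   # -c creates the file
#   htpasswd -B    /path/outside/webroot/.htpasswd AdminB   # later users: no -c
#   htpasswd -D    /path/outside/webroot/.htpasswd AdminB   # remove when the job is done
#
# Keep the password file outside the web root so it can never be served.

<Files "admin.php">
    AuthType Basic
    AuthName "Admin CP"
    AuthUserFile "/path/outside/webroot/.htpasswd"

    # Both conditions must hold: a valid per-user login AND a whitelisted
    # source address. The addresses are documentation-range placeholders.
    <RequireAll>
        Require valid-user
        Require ip 203.0.113.10 198.51.100.25
    </RequireAll>
</Files>
```

Basic authentication sends the password with every request, so this layer only adds protection when the Admin CP is served over HTTPS.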
  19. Alfa1

    Alfa1 Well-Known Member

    Actually, this is not the case. When it comes to banning then you are right. When it comes to warning then you are wrong, because when I look at the members who have really helped out well with massive repetitive tasks on my forum, then those are very often members that need a warning every few years. Tag management is a benign responsibility. If a member receives a small warning then in most cases that does not have any bearing on their ability to correctly manage tags. But members who have permission to manage tags should be subject to the warning system.

    You've pointed out why members with tag managing permission should not be admins.
     
    Xon likes this.