• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

As designed Moderator actions aren't logged if the user isn't a moderator

Zenexer

Active member
#1
Non-moderators can be given moderator permissions. If this happens, the moderator log handler won't log any moderator-like actions that they perform.

In XenForo_ModeratorLogHandler_Abstract#log:

PHP:
if (!$logUser['user_id'] || !$logUser['is_moderator'] || !$this->isLoggable($logUser, $content, $action))
{
    return false;
}
For example, if Steve has the ability to approve threads in a specific forum he curates, but isn't a full moderator, his approvals won't be logged.
 

Chris D

XenForo developer
Staff member
#2
By definition, this is as designed. Only actual moderators are ever treated as such, so moderator actions will only be logged if they are a moderator.
 

Zenexer

Active member
#3
That defeats the purpose of an audit log. An action attempt should always be logged, no matter who does it, whether they were supposed to be able to do it, or whether it succeeded. Anything less is a security flaw.

Plus, it just doesn't really make sense--why wouldn't you always log it?

As an end user, I expect that the moderator log is going to include all moderator actions. If someone approves a post, I expect it to appear in the moderator log, whether or not I've marked them as a "global" moderator. If it's necessary for a user to be marked as a global moderator for logging to function properly, that seems like a design flaw; I shouldn't be able to give users those permissions directly if it's going to break the audit log.
 
Last edited:

Harpers Tate

Well-known member
#4
You can make "Steve" a Moderator for just one forum, and give him only the permissions he needs for that one forum. Moderators don't have to be global.
 

Zenexer

Active member
#5
@Harpers Tate Of course, but when there are a lot of people managing a lot of permissions, eventually, someone is going to end up with moderator-like permissions without being a moderator--accidents happen. Additionally, someone could use it maliciously to avoid being logged.

My point is that if it's designed to work "A Certain Way," then it shouldn't be able to work in any other way--or, at the very least, there should be a warning, though that wouldn't be sufficient here because it's a security concern.

Or, quite simply, it could log everything and not bother with the is_moderator test. If customers are using XenForo as intended, logging works as intended. If customers aren't using XenForo as intended, logging still works as intended.
 

Aceros

Active member
#6
I've ran into this as well and been frustrated by the missing activity. It's taking the literal meaning rather than functional.

I doubt any site operator has given permissions to someone without the moderator tag with the intent they not be logged.

Not all sites operate the same and certain moderator actions can be a normal operation in some communities. Only partially logging these actions is frustrating at best.

Would urge a re-evaluation of this thought process.