As designed Moderator actions aren't logged if the user isn't a moderator

PaulB

Well-known member
Non-moderators can be given moderator permissions. If this happens, the moderator log handler won't log any moderator-like actions that they perform.

In XenForo_ModeratorLogHandler_Abstract#log:

PHP:
if (!$logUser['user_id'] || !$logUser['is_moderator'] || !$this->isLoggable($logUser, $content, $action))
{
    return false;
}

For example, if Steve has the ability to approve threads in a specific forum he curates, but isn't a full moderator, his approvals won't be logged.
 
By definition, this is as designed. Only actual moderators are ever treated as such, so moderator actions will only be logged if they are a moderator.
 
That defeats the purpose of an audit log. An action attempt should always be logged, no matter who does it, whether they were supposed to be able to do it, or whether it succeeded. Anything less is a security flaw.

Plus, it just doesn't really make sense--why wouldn't you always log it?

As an end user, I expect that the moderator log is going to include all moderator actions. If someone approves a post, I expect it to appear in the moderator log, whether or not I've marked them as a "global" moderator. If it's necessary for a user to be marked as a global moderator for logging to function properly, that seems like a design flaw; I shouldn't be able to give users those permissions directly if it's going to break the audit log.
 
Last edited:
You can make "Steve" a Moderator for just one forum, and give him only the permissions he needs for that one forum. Moderators don't have to be global.
 
@Harpers Tate Of course, but when there are a lot of people managing a lot of permissions, eventually, someone is going to end up with moderator-like permissions without being a moderator--accidents happen. Additionally, someone could use it maliciously to avoid being logged.

My point is that if it's designed to work "A Certain Way," then it shouldn't be able to work in any other way--or, at the very least, there should be a warning, though that wouldn't be sufficient here because it's a security concern.

Or, quite simply, it could log everything and not bother with the is_moderator test. If customers are using XenForo as intended, logging works as intended. If customers aren't using XenForo as intended, logging still works as intended.
 
I've ran into this as well and been frustrated by the missing activity. It's taking the literal meaning rather than functional.

I doubt any site operator has given permissions to someone without the moderator tag with the intent they not be logged.

Not all sites operate the same and certain moderator actions can be a normal operation in some communities. Only partially logging these actions is frustrating at best.

Would urge a re-evaluation of this thought process.
 
Forgot about this thread but would love a fix :)

Can you give the file?

Sure. In XenForo 1.5.x, it's in the XenForo_ModeratorLogHandler_Abstract class:
Code:
library/XenForo/ModeratorLogHandler/Abstract.php
 
Last edited:
Top Bottom