Fixed Moderators seeing conversation message reports in 2.2.8

ivp

Active member
Affected version
2.2.8
After upgrading from 2.2.7 to 2.2.8, moderators started to see conversation message reports.

Their group has "Give users warnings directly" permission set to No. Tried with Never, it's the same.
 
I don't understand what moderators seeing reports have to do with warnings? They should still be able to see reports section.
 
I don't understand what moderators seeing reports have to do with warnings?
Heh, quite. Although it had been like this for a while.

The permission to control whether or not reports about conversation messages were visible or not was based on whether or not a moderator was able to give warnings or not.

We changed it to the "Bypass user privacy" permission in 2.2.8.

If this is problematic I'll be happy to reconsider, but for now that's the permission which controls visibility of conversation message reports.
 
If this is problematic I'll be happy to reconsider, but for now that's the permission which controls visibility of conversation message reports.
Actually, this is problematic:
For legal reasons we can't give our moderators (who are not employees of our company but volunteers and as such have not been given a data protection training "Datenschutzunterweisung") the permission to bypass user privacy as this would allow them access to personal data in user profiles to which they otherwise would not have access.

If this does now mean that they won't be able to see & handle reported conversation messages, those would have to be handled by our employees which might increase their workload.

Please reconsider this, maybe a distinct permission would be the best approach.
 
How often do you actually see issues from private conversations? On our forum I’d say we’ve only seen a handful in several years
 
Receiving couple of such reports every day.

Super moderators only supposed to see them.

Moderators should be able to bypass user privacy, but should not see conversation message reports.

Please be so kind implement a distinct permission. Many thanks.

We changed it to the "Bypass user privacy" permission in 2.2.8.
Cannot find any mention of this in XF 2.2.8 changes. Is there a quick patch to revert this?
 
Last edited:
To revert the changes in src/XF/Report/ConversationMessage.php line 14 replace:
Code:
return $visitor->hasPermission('general', 'bypassUserPrivacy');
with:
Code:
return $visitor->hasPermission('general', 'warn');
 
Thank you for reporting this issue, it has now been resolved. We are aiming to include any changes that have been made in a future XF release (2.2.9).

Change log:
Revert previous change so that actioning conversation message report still relies on the 'warn' permission.
There may be a delay before changes are rolled out to the XenForo Community.
 
Back
Top Bottom