Lack of interest New General moderator permission: "Delete own warnings"

[ivp]

There is hard coded permission which allows moderators issuing a warning to edit or expire it, in src/XF/Entity/Warning.php functions canDelete() and canEditExpiry():

if ($this->warning_user_id == $visitor->user_id)
{
    return true;
}

Instead there should be new General moderator permission: "Delete own warnings".

Ref: https://xenforo.com/community/threa...s-not-work-for-moderators.175918/post-1427883

 

[RallyFan]

You don't want moderators to delete warnings, it makes no sense and undermines the very point of warnings.

 

[ivp]

I also consider this being a bug, but it is a "feature":

It was always an intentional design behaviour (which perhaps dates back quite some time) that the moderators issuing a warning should be able to edit or expire it.

 

[RallyFan]

Edit and expire is different to deleting it completely.

Editing / Expiring still leaves a record.

 

[ivp]

Unfortunately moderators can delete warnings they issued. See:

As designed - "Delete all warnings" permission does not work for moderators

Moderators can delete warnings and/or modify when they expire even though "Delete all warnings" permission is set to No or Never. In src/XF/Entity/Warning.php functions canDelete() and canEditExpiry() include a code overriding "Delete all warnings" permission: if ($this->warning_user_id ==...

xenforo.com

 

[RallyFan]

Good to see its been reverted! Prevents mods bullying users and then covering their tracks.

 

[ivp]

On the contrary, if moderator issues a warning and then deletes it, nobody will see it in the list of warnings in Warnings tab in user's profile.