-
-
Notifications
You must be signed in to change notification settings - Fork 6.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add logging of admin actions #5757
Conversation
c402329
to
fe805b0
Compare
these should show up when viewing the page for the account that an action is taken on, probably? |
We've solved this by copying the table, i.e. if the table is
For this, maybe add a
Representing logs like that can make them easier to export to other systems, too. |
@joshuap I've looked up how acts_as_auditable does it - when a record is destroyed, it puts all of the records's attributes into a hstore. Although, especially with CustomEmoji, that might be kind of pointless since the image file is not stored alongside and therefore no recovery or display of that data would actually be useful. If I don't do anything at all, the only thing I could do then is display "admin deleted CustomEmoji#345" which is kind of useless. So I think the middle ground is maybe, as you said, storing only attributes necessary for the barest minimum useful display, such as "admin deleted :cool_emoji:" There's also acts_as_paranoid and similar approaches. I think that's gonna be useful for the statuses table, but probably not worth it for custom_emojis..? Separately from this PR, I want to make sure status deletions and account suspensions become reversible (with n days retention e.g. data is really deleted after 30 or 90 days instead of instantly) |
I'm not a huge fan of I'm curious, how large can the statuses table grow on an instance connected to most of the federated network? |
0d2a299
to
b5d5063
Compare
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
…todon into feature-mod-accountability
7d1ca74
to
1c8fcf7
Compare
@@ -25,12 +25,15 @@ def update | |||
def process_report | |||
case params[:outcome].to_s | |||
when 'resolve' | |||
@report.update(action_taken_by_current_attributes) | |||
@report.update!(action_taken_by_current_attributes) | |||
log_action :dismiss, @report |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should probably be :resolve
to match the existing terminology. (or the name of the button should be changed, which i think is probably wrong)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My concern is that that any action "resolves" a report. In this line, it's a resolve without any side effects like silence/suspend. It'd be weird if we had "resolves" logged for these but not for the silence/suspend versions. Therefore, I used a more clear terminology, "dismiss", i.e. "resolve without doing anything"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm. why aren't we logging both? I.e., suspending a user could be:
log_action :resolve, @report
log_action :suspend, @user
otherwise you'll have no idea what report a given action was taken in response to
Wouldn't it be nice to have the possibility to make this page public or at least partially, allowing the users to have more transparency regarding admins/mods actions? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Changes LGTM, but they should probably also include a Site Settings log type, right? I couldn't find logging for that anywhere.
* Update terminology (e-mail blacklist) imho looks better * Update en.yml
…todon into feature-mod-accountability
The commit history of this PR is an awful mess because I wasn't able to rebase due to PRs made against this PR. :( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to run i18n-tasks normalize
.
* i18n: (zh-CN) Add missing translations for multiple PRs. Related PRs: #5838 #5762 #5835 #5837 #5832 #5823 #5814 #5757 * i18n: (zh-CN) Fix translation for #5823 / #5835 * i18n: (zh-CN) Improve translations * i18n: (zh-CN) Improve translations * i18n: (zh-CN) Change `发送者` to `作者` * i18n: (zh-CN) Add missing translations for #5862 * i18n: (zh-CN) Add missing translation for #5874 * i18n: (zh-CN) Improve translations for keyboard shortcuts
* Add logging of admin actions * Update brakeman whitelist * Log creates, updates and destroys with history of changes * i18n: Update Polish translation (mastodon#5782) Signed-off-by: Marcin Mikołajczak <me@m4sk.in> * Split admin navigation into moderation and administration * Redesign audit log page * 🇵🇱 (mastodon#5795) * Add color coding to audit log * Change dismiss->resolve, log all outcomes of report as resolve * Update terminology (e-mail blacklist) (mastodon#5796) * Update terminology (e-mail blacklist) imho looks better * Update en.yml * Fix code style issues * i18n-tasks normalize
…on#5849) * i18n: (zh-CN) Add missing translations for multiple PRs. Related PRs: mastodon#5838 mastodon#5762 mastodon#5835 mastodon#5837 mastodon#5832 mastodon#5823 mastodon#5814 mastodon#5757 * i18n: (zh-CN) Fix translation for mastodon#5823 / mastodon#5835 * i18n: (zh-CN) Improve translations * i18n: (zh-CN) Improve translations * i18n: (zh-CN) Change `发送者` to `作者` * i18n: (zh-CN) Add missing translations for mastodon#5862 * i18n: (zh-CN) Add missing translation for mastodon#5874 * i18n: (zh-CN) Improve translations for keyboard shortcuts
Notes: