Skip to content

Handle moderation privileges

Haelwenn requested to merge fine-grained into release/2.5.0

Fix #206 (closed) https://git.pleroma.social/pleroma/admin-fe/-/issues/185
For BE MR pleroma!3676 (closed)

  • Make admin-fe aware of privileges
  • Make sure a privileged non-admin can log in
  • Only show menu/options to those who are privileged
    • Sidebar
    • Make sure you're redirected to a privileged route after login
    • Only show privileged options in the pages themselves
      • Users
        • "Moderate multiple users" dropdown
          • Bug: Changing tags wont show if the user can't fetch the config (i.e. is non-admin)
        • "Moderation" dropdown
        • "Create new account"
        • Click a user > "Moderate user"
      • Statuses
        • "Change scope" dropdown
      • Reports
        • "Moderate user" dropdown
      • Moderation Log
        • Link to users and to specific reports
    • Don't do unprivileged calls (e.g. after login /api/pleroma/admin/config is called)
  • Make sure error messages are correct (e.g. when not logged in, you now get message about needing to be admin, but not only admins are able to log in)
  • What if I have privileges, but none to give me a menu? What happens then, is that acceptable, and how to handle it properly? => You're now redirected to the /401 page.
  • [ ] Check if #213 could/should be done here Let's do it later on
Edited by Haelwenn

Merge request reports

Loading