description |
---|
Describe the moderation system works and how the team should use it |
{% hint style="info" %} For user documentation about moderation, see Moderation {% endhint %}
{% hint style="warning" %} We don't provide any interface for the moderation features yet. To access them you'll need a direct access to the database - through Forest, PgAdmin, DBeaver...etc {% endhint %}
- All features (submitting expenses, commenting...) will be blocked for this user.
- A warning will be displayed at the top of all pages for this user.
User is clearly spamming or trying malicious things on the platform.
Set User.data.features.ALL
to false
The specified feature will be blocked for this user.
User has a strange behavior with a feature, or is abusing a specific one. We want to prevent the use of it without blocking access to the others. For example, users having bad language in a conversation - we want to prevent them from commenting, but it's ok to have them creating orders.
Set User.data.features.{FEATURE_NAME}
to false
To see a list of all features names, check https://github.com/opencollective/opencollective-api/blob/main/server/constants/feature.ts
Example
- Disable access to expenses:
User.data.features.EXPENSES = false
- Disable access to conversations:
User.data.features.CONVERSATIONS = false
First make sure that users don't have any data that is problematic to delete:
WITH profiles_to_ban AS (
SELECT * FROM "Collectives"
WHERE slug = ANY($collectiveSlugs)
) SELECT
COUNT(c.id) AS nb_collectives,
COUNT(t.id) AS nb_transactions,
COUNT(e.id) AS nb_expenses,
COUNT(o.id) AS nb_orders
FROM
profiles_to_ban c
LEFT JOIN
"Transactions" t ON t."CollectiveId" = c.id OR t."FromCollectiveId" = c.id
LEFT JOIN
"Expenses" e ON e."CollectiveId" = c.id AND status = 'PAID'
LEFT JOIN
"Orders" o ON o."FromCollectiveId" = c.id OR o."CollectiveId" = c.id AND o.status != 'ERROR'
If that's ok and you're 100% sure that all these collectives are SPAM, you can also include the collective admins:
SELECT mc.slug
FROM "Members" m
INNER JOIN "Collectives" c ON m."CollectiveId" = c.id
INNER JOIN "Collectives" mc ON m."MemberCollectiveId" = mc.id
WHERE m."role" = 'ADMIN' AND m."CollectiveId" = c.id
AND c.slug = ANY($collectiveSlugs)
AND c."deletedAt" IS NULL
Make sure you re-run the first query with these new entries to make sure it's safe to ban them.
Please refer to this query to ban users and collectives from the platforms. You'll need to input a list of collective slugs to the query. When banning a user, all the related data (memberships, expenses, comments...etc) are (soft-) deleted. A special flag is set in user.data.isBanned
is set to true
.
User's email will be locked in database, to that it will be impossible for the user to register with the same email address.