* Add 'admin labels' to photos so an admin can classify a photo as:
* Not Explicit: e.g. it was flagged by the community but does not
actually need to be explicit. This option will hide the prompt to
report the explicit photo again.
* Force Explicit: if a user is fighting an explicit flag and keeps
removing it from their photo, the photo can be force marked
explicit.
* Admin labels appear on the Permalink page and in the edit photo
settings when viewed as a photo moderator admin.
When a user marks that another photo should have been marked as explicit:
* The owner of that photo gets a notification about it, which reminds them of
the explicit photo policy.
* The photo's "Flagged" boolean is set (along with the Explicit boolean)
* The 'Edit' page on a Flagged photo shows a red banner above the Explicit
option, explaining that it was flagged. The checkbox text is crossed-out,
with a "no" cursor and title text over - but can still be unchecked.
If the user removes the Explicit flag on a flagged photo and saves it:
* An admin report is generated to notify to take a look too.
* The Explicit flag is cleared as normal
* The Flagged boolean is also cleared on this photo: if they set it back to
Explicit again themselves, the red banner won't appear and it won't notify
again - unless a community member flagged it again!
Also makes some improvements to the admin page:
* On photo reports: show a blurred-out (clickable to reveal) photo on feedback
items about photos.
* Demographics page:
* Show percents with up to 1 decimal place of precision.
* On tablets+ align the percent text to the right.
* On photo counts, only include certified active user photos.
* On gender/orientation demographics, pad the remaining "No answer" counts
with the set of users who have no profile_fields set in the database yet.
* Admin certification page:
* Add additional "common rejection reasons"
* Add a confirm prompt when viewing the Rejected list to avoid accidental
approval of previously rejected cert photos.
* Add chat moderation rules to the website, so admins can apply selective rules
to problematic users. Available rules are:
* redcam: user's camera is always NSFW.
* nobroadcast: user can not broadcast their camera.
* novideo: user can not broadcast OR watch any video.
* noimage: user can not share OR see any shared image on chat.
* The page to manage a user's active rules is available on their admin card of
their profile page. When the user has rules active, a yellow counter is shown
by the link to manage their rules.
* Only chat moderator admins have access to the page or can see the yellow
counter to know whether rules are active.
* "Shy Accounts" are now permitted on the chat room! With some moderation rules
automatically applied to them: novideo,noimage.
* Update the Shy Account FAQ and messaging on the chat landing page.
* Update the auto-kick from chat behavior regarding shy accounts:
* They are kicked from chat only when an update to their profile settings will
transition then FROM a non-shy into a shy account.
* For example: when saving their profile settings (going private) or when
editing or deleting a photo (if they will have no more public photos left)
* Inner circle: users have the ability to remove themselves and can avoid being
invited again in the future.
* Admin actions: add a "Reset Password" ability to user accounts.
* Admin "Create New User" page.
* Rate limit error handling improvements for the login page.
* Add an Admin Certification Photo workflow where we can request the user to
upload a secondary form of ID (government issued photo ID showing their
face and date of birth).
* An admin rejection option can request secondary photo ID.
* It sends a distinct e-mail to the user apart from the regular rejection email
* It flags their cert photo as "Secondary Needed" forever: even if the user
removes their cert photo and starts from scratch, it will immediately request
secondary ID when uploading a new primary photo.
* Secondary photos are deleted from the server on both Approve and Reject by
the admin account, for user privacy.
* If approved, a Secondary Approved=true boolean is stored in the database. This
boolean is set to False if the user deletes their cert photo in the future.
* Add a transparency page where regular user accounts can list the roles and
permissions that an admin user has access to. It is available by clicking on
the "Admin" badge on that user's profile page.
* Add additional admin scopes to lock down more functionality:
* User feedback and reports
* Change logs
* User notes and admin notes
* Add friendly descriptions to what all the scopes mean in practice.
* Don't show admin notification badges to admins who aren't allowed to act on
those notifications.
* Update the admin dashboard page and documentation for admins.
* Dark theme fixes to brighten notification colors on mobile
* Add change log buttons around various pages to easily look into the history
of an object in the database:
* User profile page ('about user' and user table history links)
* User friends page
* User/Site gallery page (history of all (user) photos)
* Admin insights page (comments, threads, and blocklist history)
* Admin certification page (history of a user's cert photos)
* Comment history buttons on forums and photos
* Add a ChangeLog table to collect historic updates to various database tables.
* Created, Updated (with field diffs) and Deleted actions are logged, as well
as certification photo approves/denies.
* Specific items added to the change log:
* When a user photo is marked Explicit by an admin
* When users block/unblock each other
* When photo comments are posted, edited, and deleted
* When forums are created, edited, and deleted
* When forum comments are created, edited and deleted
* When a new forum thread is created
* When a user uploads or removes their own certification photo
* When an admin approves or rejects a certification photo
* When a user uploads, modifies or deletes their gallery photos
* When a friend request is sent
* When a friend request is accepted, ignored, or rejected
* When a friendship is removed
Add a permission system for admin users so you can lock down specific admins to
a narrower set of features instead of them all having omnipotent powers.
* New page: Admin Dashboard -> Admin Permissions Management
* Permissions are handled in the form of 'scopes' relevant to each feature or
action on the site. Scopes are assigned to Groups, and in turn, admin user
accounts are placed in those Groups.
* The Superusers group (scope '*') has wildcard permission to all scopes. The
permissions dashboard has a create-once action to initialize the Superusers
for the first admin who clicks on it, and places that admin in the group.
The following are the exhaustive list of permission changes on the site:
* Moderator scopes:
* Chat room (enter the room with Operator permission)
* Forums (can edit or delete user posts on the forum)
* Photo Gallery (can see all private/friends-only photos on the site
gallery or user profile pages)
* Certification photos (with nuanced sub-action permissions)
* Approve: has access to the Pending tab to act on incoming pictures
* List: can paginate thru past approved/rejected photos
* View: can bring up specific user cert photo from their profile
* The minimum requirement is Approve or else no cert photo page
will load for your admin user.
* User Actions (each action individually scoped)
* Impersonate
* Ban
* Delete
* Promote to admin
* Inner circle whitelist: no longer are admins automatically part of the
inner circle unless they have a specialized scope attached.
The AdminRequired decorator may also apply scopes on an entire admin route.
The following routes have scopes to limit them:
* Forum Admin (manage forums and their settings)
* Remove from inner circle
* A reason must be entered to impersonate a user, and it triggers a
Report and email notification to the admin.
* User gallery pages will show at the top whether the user had granted
you access to their private photos.
* Enhance user experience replying to a forum thread. An inline reply textarea
is added to page footers, "Quote" buttons on posts will quote the markdown
source and focus the reply textarea, and "Reply" buttons will put an
"@ mention" and focus the reply textarea. Users with scripts disabled will
still be sent to the regular reply page as before.
* Improve all pagers by adding a "QueryPlus" template function that merges the
page number with other current query parameters.
* Fix private profile picture avatars not displaying in your Notifications for
profile pics you're allowed to see.
* For admins, make it a specific opt-in filter for the Site Gallery to
show all pictures regardless of friendship or grant (for moderation
purposes). On this view, Like and Comment buttons are taken away.
Non-admins are not shown the option and the back-end ignores the
parameter for them.
* Fix user avatars on compose and admin actions page.
* Users who set their Profile Picture to "friends only" or "private" can have
their avatar be private all over the website to users who are not their
friends or not granted access.
* Users who are not your friends see a yellow placeholder avatar, and users
not granted access to a private Profile Pic sees a purple avatar.
* Admin users see these same placeholder avatars most places too (on search,
forums, comments, etc.) if the user did not friend or grant the admin. But
admins ALWAYS see it on their Profile Page directly, for ability to moderate.
* Fix marking Notifications as read: clicking the link in an unread notification
now will wait on the ajax request to finish before allowing the redirect.
* Update the FAQ
Finish implementing the basic forum features:
* Pinned threads (admin or board owner only)
* Edit Thread settings when you edit the top-most comment.
* NoReply threads remove all the reply buttons.
* Explicit forums and threads are filtered out unless opted-in (admins
always see them).
* Count the unique members who participated in each forum.
* Get the most recently updated thread to show on forum list page.
* Contact/Report page: handle receiving a comment ID to report on.
Implement Likes & Notifications
* Like buttons added to Photos and Profile Pages. Implemented via simple
vanilla JS (likes.js) to make ajax requests to back-end to like/unlike.
* Notifications: for your photo or profile being liked. If you unlike,
the existing notifications about the like are revoked.
* The notifications appear as an alert number in the nav bar and are read
on the User Dashboard. Click to mark a notification as "read" or click
the "mark all as read" button.
Update DeleteUser to scrub likes, notifications, threads, and comments.
* Add photo upload quotas.
* Non-certified users can upload few photos; certified users more
* Fix foreign key issues around deleting user profile photos for psql
* Add the Contact page where users can contact the site admins for feedback or
to report a problematic user, photo or message.
* Reports go into the admin Feedback table.
* Admin nav bar indicates number of unread feedbacks.
* Add "Report" button to profile pages, photo cards, and the top of Direct
Message threads.
Misc changes:
* Send emails out asynchronously for more responsive page loads.
Implement block lists. They work like friend lists but are unidirectional,
but take effect in both directions (blocker and blockee can not see one
another on the site -- except admin users can always see all users).
* Profile page says 404
* User gallery says 404
* User search page filters out blocked users
* Compose endpoint blocks sending messages to blocked users (except admin)
* Site Gallery filters photos by blocked (and uncertified) users
* Inbox page hides chat list for blocked users (can still read the chat
history if you have a link to the old thread)
* Add impersonate feature
* Add ban/unban user feature
* Add promote/demote admin status feature
* Add admin user deletion feature
* Admin ability to see other status certification pics
* Nav bar indicator of pending admin actions such as cert pics
needing approval
* Admin ability to search cert pics for specific user
* Add "forgot password" workflow.
* Add ability to change user email address (confirmation link sent)
* Add ability to change user's password.
* Add rate limiter to deter brute force login attempts.
* Add user deep delete functionality (delete account).
* Ping user LastLoginAt every 8 hours for long-lived session cookies.
* Add age filters to user search page.
* Add sort options to user search (last login, created, username/name)
* Add "Site Gallery" page showing all public+gallery member photos.
* Add "Certification Required" decorator for gallery and other main pages.
* Add the Certification Photo workflow:
* Users have a checklist on their dashboard to upload a profile pic
and post a certification selfie (two requirements)
* Admins notified by email when a new certification pic comes in.
* Admin can reject (w/ comment) or approve the pic.
* Users can re-upload or delete their pic at the cost of losing
certification status if they make any such changes.
* Users are emailed when their photo is either approved or rejected.
* User Preferences: can now save the explicit pref to your account.
* Explicit photos on user pages and site gallery are hidden if the
current user hasn't opted-in (user can always see their own explicit
photos regardless of the setting)
* If a user is viewing a member gallery and explicit pics are hidden, a
count of the number of explicit pics is shown to inform the user that
more DO exist, they just don't see them. The site gallery does not do
this and simply hides explicit photos.
