Discourse/discourse
Discourse/discourse
0
0
Fork 0
mirror of https://gh.wpcy.net/https://github.com/discourse/discourse.git synced 2026-05-09 09:34:20 +08:00
Code Packages Activity Actions
discourse/app/serializers/user_history_serializer.rb
benj 72e4e53fda
FEATURE: add option to hide IP addresses from moderators (#33682) 
# Hide IP Addresses from Moderators When `moderators_view_ips` is
Disabled

## Summary 
Feature Request Link -
https://meta.discourse.org/t/option-to-hide-ip-addresses-from-moderators/207715/51
This PR implements a feature to **hide IP addresses from moderators**
when the `moderators_view_ips` site setting is disabled. Previously,
moderators could view IPs in multiple locations across the admin UI.
This update ensures that IP addresses are visible to moderators when the
setting allows it.

## Changes Implemented  

### Backend Updates
- **Added `moderators_view_ips` site setting** in `site_settings.yml`
- **Updated `CurrentUserSerializer`** to include `can_see_ip` field
based on the user’s role and site setting.
- **Modified `AdminUserSerializer`** to restrict IP address visibility.
- **Updated `UsersController`** to prevent IP addresses from being
included in API responses.
- **Restricted IPs in `ScreenedIpAddressesController`** by throwing
`Discourse::InvalidAccess` if the user lacks permission.

### Frontend Updates
- **Hid "Screened IPs" tab** in `/admin/logs` when `moderators_view_ips`
is disabled.
- **Blocked direct access to `/admin/logs/screened_ip_addresses`** for
unauthorized users.
- **Updated `user-index.hbs` and `logs.hbs`** to conditionally hide IP
fields.

### UI Screenshots

New option for Admins in the Admin Security settings dashboard:
![Screenshot 2025-02-21 at 5 32
00 PM](https://github.com/user-attachments/assets/5b315434-7724-4cb9-a3dc-d88750df00a6)


Moderator's view before:
![Screenshot 2025-02-21 at 5 25
41 PM](https://github.com/user-attachments/assets/0fb269e2-db40-488b-b11d-8bdfbe2a5245)
Moderator's view after:
![Screenshot 2025-02-21 at 5 26
59 PM](https://github.com/user-attachments/assets/efb848b0-1d7f-4ec9-8238-d8ee4eddbbe1)

Moderator's view before:
![Screenshot 2025-02-21 at 5 23
52 PM](https://github.com/user-attachments/assets/226e6d63-df3e-45d0-833f-de52593a086e)
Moderator's view after:
![Screenshot 2025-02-21 at 5 23
15 PM](https://github.com/user-attachments/assets/af313af2-2329-46d1-827d-290243c320e5)

---------

Co-authored-by: Bennett Dungan <bennettdungan@gmail.com>
2025-08-05 10:09:02 -05:00

48 lines
1.2 KiB
Ruby
Raw Permalink Blame History

# frozen_string_literal: true
class UserHistorySerializer < ApplicationSerializer
attributes :action_name,
:details,
:context,
:ip_address,
:email,
:created_at,
:subject,
:previous_value,
:new_value,
:topic_id,
:post_id,
:category_id,
:action,
:custom_type,
:id
has_one :acting_user, serializer: BasicUserSerializer, embed: :objects
has_one :target_user, serializer: BasicUserSerializer, embed: :objects
def action_name
key = UserHistory.actions.key(object.action)
%i[custom custom_staff].include?(key) ? object.custom_type : key.to_s
end
def new_value
if object.new_value
object.new_value_is_json? ? ::JSON.parse(object.new_value) : object.new_value
else
nil
end
end
def previous_value
if object.previous_value
object.previous_value_is_json? ? ::JSON.parse(object.previous_value) : object.previous_value
else
nil
end
end
def ip_address
return nil unless scope.can_see_ip?
object.ip_address.try(:to_s)
end
end
View git blame Copy permalink