FEATURE: add option to hide IP addresses from moderators #33682
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
9074a75 to
9c761ee
Compare
cba6897 to
5cd996b
Compare
5cd996b to
eebef8a
Compare
e4a3d6f to
9d8fa22
Compare
.claude/settings.local.json
Outdated
| @@ -0,0 +1,9 @@ | |||
| { | |||
There was a problem hiding this comment.
This file intended to be included?
a new field named moderators_view_ips with default/client/hidden values has been added to site_settings.yml
add SiteSettings check and moderator check on the ip definitions before return
updated guardian.rb to have can_see_ip that the serializer can reference instead, also reusable elsewhere
updated the admin user_controller to determin ip_address should return, updated the history_serializer to prevent ip from returning on can_see_ip
removed unnecessary argument of user on guardian.can_see_ip, added an if block conditional on IP fields in Admin user dash view
PR review changes: updated the current_user_serializer and admin_user_serializer to have the pattern appended to the can_see_ip to prevent this from showing at all instead of . Also updated the server.en.yml to include a description of the new Moderator IP setting in the Admin security options
site_settings rspec was failing on integrity checks, hidden: false was the culprit. removed unnecessary field and now passes
a new field named moderators_view_ips with default/client/hidden values has been added to site_settings.yml
add SiteSettings check and moderator check on the ip definitions before return
updated guardian.rb to have can_see_ip that the serializer can reference instead, also reusable elsewhere
updated the admin user_controller to determin ip_address should return, updated the history_serializer to prevent ip from returning on can_see_ip
removed unnecessary argument of user on guardian.can_see_ip, added an if block conditional on IP fields in Admin user dash view
added can_see_ip to CurrentUserSerializer to be used in the user-index for currentUser
added functionality to prevent the Screened IP tab and route from being accessed when ip access is restricted
added to the guardian and current_user_serializer rspec tests to vet IP access and restrictions
PR review changes: updated the current_user_serializer and admin_user_serializer to have the pattern appended to the can_see_ip to prevent this from showing at all instead of . Also updated the server.en.yml to include a description of the new Moderator IP setting in the Admin security options
site_settings rspec was failing on integrity checks, hidden: false was the culprit. removed unnecessary field and now passes
76ec532 to
8b7f8ac
Compare
featheredtoast
approved these changes
Aug 4, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hide IP Addresses from Moderators When
moderators_view_ipsis DisabledSummary
Feature Request Link - https://meta.discourse.org/t/option-to-hide-ip-addresses-from-moderators/207715/51
This PR implements a feature to hide IP addresses from moderators when the
moderators_view_ipssite setting is disabled. Previously, moderators could view IPs in multiple locations across the admin UI. This update ensures that IP addresses are visible to moderators when the setting allows it.Changes Implemented
Backend Updates
moderators_view_ipssite setting insite_settings.ymlCurrentUserSerializerto includecan_see_ipfield based on the user’s role and site setting.AdminUserSerializerto restrict IP address visibility.UsersControllerto prevent IP addresses from being included in API responses.ScreenedIpAddressesControllerby throwingDiscourse::InvalidAccessif the user lacks permission.Frontend Updates
/admin/logswhenmoderators_view_ipsis disabled./admin/logs/screened_ip_addressesfor unauthorized users.user-index.hbsandlogs.hbsto conditionally hide IP fields.UI Screenshots
New option for Admins in the Admin Security settings dashboard:
Moderator's view before:
Moderator's view after:
Moderator's view before:
Moderator's view after: