Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Report inboxes #6

Open
wants to merge 12 commits into
base: main
Choose a base branch
from
72 changes: 72 additions & 0 deletions 0000-report-inboxes.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
- Feature Name: report-inboxes
- Start Date: 2024-02-20
- RFC PR: [LemmyNet/rfcs#0000](https://github.com/LemmyNet/rfcs/pull/0000)
- Lemmy Issue: [LemmyNet/lemmy#0000](https://github.com/LemmyNet/lemmy/issues/0000)

# Summary

Rather than combining all reports into a single report inbox, we should allow users to select whether they are reporting to mods or admins, and we should split reports into different inboxes based on that selection.

# Motivation

The current approach has some shortcomings:

* Users are not currently able to bypass mods and report directly to admins - this may allow mods to conceal instance rule breaking in specific communities
* Admins are not aware of community rules, so they may wish to take no action for most community rule breaking reports. However, if an admin resolves such a report, the relevant community mods most likely never see it.
* Different instances may have different rules, but somebody resolving a report on one instance will resolve it for other instances as well, thus potentially resulting in missed reports.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is incorrect. If you resolve a report, that only affects your local instance. Mods or admins on other instances have to resolve it separately.

* Mods might take local action on a report and mark it as resolved even in cases where a user should be banned from the entire instance. In this case, admins are very unlikely to see the report.

# Guide-level explanation

### When creating reports, users will be able to select if it's a mod report, or an admin report (or both)

![image](https://github.com/sunaurus/lemmy-rfcs/assets/5356547/9a21b527-6c88-4024-b287-3371d77688f4)

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Idea: Include a list of usernames of the mods and admins here (perhaps truncated to the top N of them if there's a lot) to make it crystal clear who is receiving the report.

EDIT: As I note below, it should probably be phrased as

"Does the reported content violate community rules or server rules?

  1. Community rules (report to mods: )
  2. Server rules (report to admins: )"

The list of users could still be included for clarity.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed, added a note about this to the RFC

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The image shows the options as checkboxes - is the intention that you should be able to send the report to both admins and mods? Otherwise this should use radio buttons.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it makes sense to be able to send reports to both, I would keep it as checkboxes

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Either that or a radio button / enum with Both, AdminsOnly, ModsOnly .

I'd prefer that Both be the default, since the majority of reports (at least on lemmy.ml), are for spam or site-wide rule breaking, rather than community rule-breaking.

Copy link
Member

@Nutomic Nutomic Feb 26, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If users can ignore the choice between admin or mod, they will simply use the default. That would make the whole RFC moot. So I think there should only be radio buttons for either admin or mod.

Anyway please update the image with the agreed layout, or get rid of the image. Its too confusing to have completely different suggestions in the image and text.

Copy link

@Nothing4You Nothing4You Mar 15, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Having both as an option definitely seems useful.
For example, if someone posts nsfw content and forgets or intentionally marks it as not nsfw, this is something that should be addressed as soon as possible, where having the community mods informed in case admins are not immediately available increases the amount of people that might be able to deal with the issue quickly.

This of course also applies to various other problematic content, but even for the spam example mentioned for lemmy.ml.
Having spam reported to both community mods and site admins can allow community mods to take the content down even before site admins will be to perform a site ban if they're not immediately available.

edit: I see this was mentioned by dessalines further down already


### Instead of the current single report inbox, there will be three different kinds of inboxes

* Admin reports - show all reports sent to admins (only visible to admins)
* Mod reports - show all reports sent to mods for any communities the user moderates
* All reports - Shows a read-only view of all (admin and mod) reports, only visible to admins
* This is a read-only version of the current 0.19.3 admin report view, and would allow admins to still keep an eye on mod actions on their instance if they wish

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel like there is no practical need to make this read-only. Admins can alter stuff anyway if they wanted to, there's no need for the UI to try and hide that. But admins shouldn't get "unread report" notices about this view at least.

Copy link
Author

@sunaurus sunaurus Feb 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I think you're right. I think the best way forward is to just show a confirmation dialog with a warning when an admin wants to resolve a report which is not in their own report inbox.


The UI wouldn't need to change for mods, but for admins, there would be a new selection at the top of the reports page (the "mod reports" tab would only be visible if the admin is also a mod in any community):
![image](https://github.com/sunaurus/lemmy-rfcs/assets/5356547/cc4ad68c-6e85-4cd9-b324-131c06951cb3)

### Resolving reports should be more granular
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had to read this over a few times to fully understand it. Might be good to break this into 3 sub-headings. And what resolving, or removing does to the other inboxes.

#### Reports to Admins

#### Reports to Mods

#### Reports to Both


* Reports in the "admin reports" tab can only be resolved for admins of the local instance
* To reduce overhead, **banning the reported user on the user's home instance + removing reported content should automatically resolve reports for remote admins as well**

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand this - what do you mean by remove admins? I was under the impression that admin reports only go to the local admin and doesn't federate. Why would you want to report something to an admin that is not of your own instance?

Do we need 3 options? I.e.:

  1. Report to community mods (regardless of whether they are local or remote users).
  2. Report to local admins (only my own instance's admins)
  3. Report to all admins (federate report to all admins the instance knows of)

That last options seems... excessive? I suspect I could be flooded with reports even if I only had a small instance. Is the "report to admins" you're talking about in this RFC number 2 or number 3?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think users should not have the ability to generate reports to ALL federated admins, however, I think when submitting a report to admins, it should always go to all relevant admins.

The set of relevant admins depends on context, there are three options:

  1. feddit.dk user reports a post by another feddit.dk user, which was created in a feddit.dk community
    • Only feddit.dk admins should get the report
  2. feddit.dk user reports a post by a lemm.ee user in either a lemm.ee or a feddit.dk community
    • Both lemm.ee and feddit.dk admins should receive the report
  3. feddit.dk user reports a post by a lemm.ee user in a lemmy.ml community
    • All of lemm.ee, feddit.dk and lemmy.ml admins should get the report

In the second and third scenario, it makes sense to automatically resolve reports for remote admins as well, when the user is banned on their home community & the reported content has been removed (because at that point there is no further actions any admin on any instance can take for that report).

However, if a feddit.dk admin bans the lemm.ee user first, the report should not be automatically resolved for lemm.ee admins, because they might still want to ban the user locally as well.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That makes a lot of sense - I don't think the way the RFC is written right now makes it clear that that is what you mean, perhaps explicitly talk about those 3 scenarios as it made it clear to me :)

* Reports in the "mod reports" tab can only be resolved by relevant mods. Admins can only resolve these if they are also explicit mods in the relevant communities.
sunaurus marked this conversation as resolved.
Show resolved Hide resolved
* To reduce overhead, **admins banning the reported user on the community instance OR the user's home instance + removing reported content should automatically resolve reports for mods as well**
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, was hoping to see this, otherwise we're increasing the workload for everyone.

* Reports in the "all reports" tab can not be resolved, they are only there for a read-only overview
* This is to prevent cases of admins accidentally preventing mods from moderating according to their own community rules

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Admins should have the power of overruling mods though. If mods don't like the admin of the instance where their community lives, they should find a different instance to host their community.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, but I don't think that's relevant for resolving reports. I mean, admins can always remove content, ban users, etc. This point is more about preventing admins from inadvertently hiding reports from mods.

* Admins can still always explicitly take over communities by making themselves mods, in this way, they are able to handle mod reports for any abandoned communities, etc

### Mods should be able to escalate reports to admins

This would generate a corresponding report in the admin inbox.
Comment on lines +51 to +53

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This sounds like a very nice thing to have.


# Reference-level explanation

* In the UI, changes are needed for both reporting as well as the reports inbox views
* In the database and API, we should split reports by intended audience
* Federation needs to be changed as well in order to allow distinguishing the report target audience

# Drawbacks

It might make reporting slightly more confusing for end users - the mod/admin distinction might not be fully clear to all.
Comment on lines +61 to +63
Copy link

@SorteKanin SorteKanin Feb 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another idea:

What if instead of saying

  1. Report to admins
  2. Report to mods

We say:

  1. Does this break a rule in this community? (this will report to mods)
  2. Does this break a rule on this server? (this will report to admins)

If we made rules actual data instead of just text, you could even imagine a follow-up question like

  1. Does this break a rule in this community?
    1. Breaks Rule 1: "Only posts relevant stuff".
    2. Breaks Rule 2: "Something something rule
    3. Something else (freetext reason)
  2. Does this break a rule on this server? (this will report to admins)
    1. Breaks Rule 1: "No bigotry"
    2. Breaks Rule 2: "No illegal activity"
    3. Something else (freetext reason)

Just as an example, hope that makes sense. I think such a flow would make it simpler for users.

However that could perhaps be pushed to further work and not necessarily be part of this RFC.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like the simple, less verbose options better: Report to Both, Report to Admins only, Report to Community Mods only

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the problem is that it's a non-obvious choice that the user might not be truly capable of answering. I imagine most users would ask themselves "how do I know whether it should go to an admin or a mod?". Some users might not even know the difference between an admin and a mod.

However, the user is more likely to be able to answer or at least find the answer when asked about the rules of the community or the rules of the server.

The follow-up questions for each specific rule would also make it a lot easier for the user to answer, as they would have pre-defined options. The user wouldn't even have to go look for the rules.

It's not like this is rocket science, Reddit does literally the same thing. I don't think we need to reinvent the wheel here.

So yes, it is more verbose but also a lot more user-friendly. Generally Lemmy is not too user-friendly at the moment and I think it can do a lot better in this aspect.


# Rationale and alternatives

Alternatively, we could make reporting **even more** granular. It would be possible to allow users to select only a specific instances admins as the intended report audience, for example.
However, I think this has several downsides:
* Makes the report UI even more confusing
* Potentially takes away valuable information from other admins (imagine a user only reports CSAM to their own instances admins, while leaving the offending post authors home admins in the dark)

# Prior art

Most other social networks allow users to select whether they are reporting a violation of community rules, or site rules as whole.

# Unresolved questions

Does ActivityPub properly support splitting up reports like this?
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can set the to and audience fields either to the instance url or the community url depending on the target.

https://github.com/LemmyNet/lemmy/blob/main/crates/apub/assets/lemmy/activities/community/report_page.json#L3