Skip to next paragraph for the main expanation.
I have a user "BoredAuthor" who was one of my admins. He was hacked a few months ago (most likely possibility, but no contact has been made to me since. He was most likely brute forced.) And has not been banned yet. I tried messaging the account, but I get an error 500 with chrome html (??? I am on chrome but the site has custom errors). Other users do not have a problem with replies so I assume it's fine. I tried from two computers but still no success. I have exiled the account twice so far. He continues to rejoin the group and post bad things. Whoever hacked him is probably a little kid. -_- He renamed every one of my group assets to something to do with poop and such and kicked all of my users.
How group banning would work:
Permissions: Only user's friends with permission to ban (in group permissions) can ban. When a user is banned by a friend, the owner is notified with the friend's reason (in the style of a report) and the owner has the option to accept or decline. Before the request is declined, the user has no permissions whatsoever and all of their most recent changes to group assets (if that was the last change, place updates and asset updates are reverted). All of that would give the owner time to investigate. If it's accepted the before effects remain until an unban and a report is sent to wherever those go. If it's declined, the effects are reverted. When a user is banned, the owner can unban them to revert the affects and allow access to the group. |