I made a profile with a password and set the file folder to "Me Only" I also set the download settings to "Me Only"
My question is as the ADMIN do I have the ability to see the files and also download them? I signed in as a demo member and I could not see the file. PLEASE THIS IS extremely important to understand? Is this a possible IP issue? Please advise as I need to know without a doubt that those files can't been seen if those settings are set to "Me Only"
I uploaded the file not as the admin but was able to see the file when I logged in as the admin...
Csampson |
Dolphin by default is very iffy when it comes to what an admin can see and what an admin can not. Sometimes admins have access and sometimes they don't. You can check to see in the code if IsAdmin() is used or not; that may be isAdmin() I am unsure the exact case used. Geeks, making the world a better place |
i think The administrator is allowed to watch and download all the activity
for other members if you put me only I assure you it can not download, he can see it but can not download
|
I uploaded the file not as the admin but was able to see the file when I logged in as the admin...
As it should be. As GG states, it is only certain items.
Members photos marked private are not seen by admin on front side, but can seen in the module side.
ManOfTeal.COM a Proud UNA site, six years running strong! |
Well I have tested it with several login names and I can't see anything all I see is private file that's what I want. I am wondering if there is any other test that I can do to test this? Any ideas? If someone can see or download someones contract I would get sued... Csampson |
Well I have tested it with several login names and I can't see anything all I see is private file that's what I want. I am wondering if there is any other test that I can do to test this? Any ideas? If someone can see or download someones contract I would get sued...
Yes there is another test.
If you have a second admin account than login a look with that one. You need to also look at it with an admin account that was not used to upload them.
https://www.deanbassett.com |
This is indeed an important matter and boonex should allow some sort of decision for site admins on this.
By this I mean -
scenario a -
you don't want to be responsible for what your members post (think dotcom situation with megapload site) and so if you can't see what people are posting privately you can indeed claim ignorance in a court of law if something illegal is happening on your site.
scenario b -
you DO want control over your community and wish, as admin, to curb potentially illegal activity from your members to protect your community as a whole.
I have a social network and don't care what my members post, passing on to them the responsibility of what they post. But i want to have the 'authority' to withdraw anything I consider abusive, racist, etc...to protect my community. So I work with scenario B.
|
I was looking at privacy the other day and noticed that the admin can see everything members upload, EXCEPT private items Dedicated servers for as little as $32 (28 euro) - See http://denre.com for more information |
I agree because saying we really didn't have a policy and really were not sure how it worked is not the answer the lawyer, jury or judge is going to accept. Hmmm let me correct that the lawyer suing you will love it. The defense attorney will start having sweat beads forming on his forehead. The jury will just add $10,000,000 to the judgement and the judge just said in his mind guilty no matter what the jury thinks...
This is indeed an important matter and boonex should allow some sort of decision for site admins on this.
By this I mean -
scenario a -
you don't want to be responsible for what your members post (think dotcom situation with megapload site) and so if you can't see what people are posting privately you can indeed claim ignorance in a court of law if something illegal is happening on your site.
scenario b -
you DO want control over your community and wish, as admin, to curb potentially illegal activity from your members to protect your community as a whole.
I have a social network and don't care what my members post, passing on to them the responsibility of what they post. But i want to have the 'authority' to withdraw anything I consider abusive, racist, etc...to protect my community. So I work with scenario B.
Csampson |
Need to start compiling a list; what Admin can do, see, download, edit, etc.
Then if you need to change that, it is time to start editing code. Normally, Admins can edit content, such as a file description, or in the case of blog posts, can edit or delete the blog post and they can do this from the front end, not the backend.
Geeks, making the world a better place |
