Group Audit Log permissions ignore other group permissions

SkyyOrbs · January 18, 2022, 10:13am

Reproduction Steps
Create a group, then create a Moderator role with permissions to modify the group wall, kick members, and see the Audit Log. Disable permissions for other actions like creating/editing games and spending group funds.

Expected Behavior
A player assigned to this Role should be able to view the Audit Log to view wall message deletions and membership kicks.

Actual Behavior
Instead of only being able to audit actions which this moderator role has permissions to perform, a moderator can see all group activities through the audit log, including ones they don’t have permissions to perform. For example:

Save/Publish Place/Configure Group Experience (leaks game updates)
Spend Group Funds (leaks game revenue)
Create Pass/Create Group Item (leaks upcoming game features)

Issue Area: Roblox Website
Page URL: Roblox
Impact: Moderate
Frequency: Constantly

buildthomas · January 18, 2022, 11:14am

This should be in feature requests – I don’t think there was ever any intention to only see group logs in the scope of the actions you can perform. That’d be a new feature, not a bug.

BitwiseAndrea · January 18, 2022, 11:11pm

The behavior you describe is intended. The “view audit log” permission allows users with a roleset with that permission to view everything in the audit log.

nightend16 · February 10, 2022, 6:00am

This topic was automatically closed after 7 days. New replies are no longer allowed.