Moderation / trust & safety

[ailisp]

Background

There are spamming posts on Devhub and we want to prevent these posts.

Requirements

• Requirement 1: Need a way to force people to comply with our Code of Conduct
• Requirement 2: Need a way for people to report a post & a mechanism for moderators to receive those
• Requirement 3: Need a way to moderate: Hide/delete a post
• Requirement 4: Need a way to ban specific users
  • When I ban a user, it will:
    • Remove all of their previous posts
    • Prevent them from creating future posts

Technical Details

We will need to add these feature to smart contract, on SocialDB and the frontend.

For requirement 1, when user log on to the new version of DevHub, we can check if there is a marker set in SocialDB that he has accept the code of conduct. If not, a Code of Conduct dialog should pop up and ask the user to click accept the terms. The button will store the marker to SocialDB so the dialog won't popup next time. (Estimation: 1 day)

For requirement 2, their should be a new type of action added in smart contract, we can it report_post. Techincally it's similar to the implementation of like_post, and store post flagged by certain user at certain timestamp on smart contract. And instead of notification to the author, it notifies moderators, which is update all moderators SocialDB entry of notification. And also update notification type to display notification of "Post Reported" type properly on gateway. (Estimation: 3 days)

For requirement 3, on contract side this should be supported, mark a post to be hidden or deleted. I suggest to call this action delete_post. Only moderators are allowed to perform this action. When call delete_post, It will set the newly introduced field post.deleted to true. Also update add_post, edit_post and like_post to not allow add comment, edit or like a deleted post. Also, delete_post will cross contract call the SocialDB contract to notify the author that his post is flagged.

On indexer, all post feeds or search result for frontend should filter deleted=false posts, so deleted posts won't appear in frontend.

On frontend, the top level deleted posts won't show up due to indexer has filter out these posts. Frontend should filter out non top level deleted posts, when rendering post comments, and if it's deleted, skip render it and hence itself and all its children are hidden. When rendering posts, it also show up icon for moderators to call delete_post. Also on frontend, once a deleted post type is accessed directly via id, it should display some empty placeholder saying "This post is deleted due to violation of the Code of Conduct". If a deleted post's child post is accessed directly via id, it can be displayed, so it won't affect non violation post link to be shared with others. Finally, update the notification item widget to display "Post Flagged" notification to the author on gateway's notification feed.

(Estimation: 1 week)

For requirement 4, on contract side add a ban_user function that delete all posts of the author, and store the user_id in a new UnorderedMap called blacklist. When a user try to perform add_post action, first check if he is in blacklist and prevent if so. On frontend side, at post editor page display a banner to the user if he is blacklist, and prevent him to use the post editor. (Estimation: 1 day)

Overall: 2 weeks and I will break down these to 4 separate tasks, each for one major requirement.

### Tasks
- [ ] https://github.com/near/neardevhub-widgets/issues/493
- [ ] https://github.com/near/neardevhub-widgets/issues/541
- [ ] https://github.com/near/neardevhub-widgets/issues/542

[ailisp]

After discussing with @gabehamilton we have an alternative way which heavily rely on indexers and SocialDB to do the moderation. Demonstrate below:

• Requirement 1: Need a way to force people to comply with our Code of Conduct

This isn't changing, we still store this information still stores on SocialDB, so estimates to take 1 day.

• Requirement 2: Need a way for people to report a post & a mechanism for moderators to receive those

Fork and use this menu component to report a post, which stores the reporting and hiding information to SocialDB. The difference between reporting and hiding is that, reporting if approved by moderators, will be apply globally to DevHub. Hiding is a local preference that's effective only to current account.

Then implement an indexer to collect reports into a similar table like this moderation_reporting table. The indexer code can also be fork from dataplatform.near/moderation indexer with minor changes.

This indexer also calculate moderation decisions from indexing moderators' approve transactions and also who should be considered as moderators are determined by this indexer. Then indexer puts the result in the moderation_decisions table.

This indexer will also create a view, similar to the moderated_posts, which joins devhub indexer's posts_with_latest_snapshot and filter out those moderated posts.

Then we should fork the Moderator interface widget for moderators to see those reports.

Given the uncertainty introduced in setup and debug QueryAPI indexers, this step takes estimated to take 3 days.

• Requirement 3: Need a way to moderate: Hide/delete a post
• Requirement 4: Need a way to ban specific users
  • When I ban a user, it will:
  • Remove all of their previous posts
  • Prevent them from creating future posts

Using this approach these requirements are handled together.

For hide a post, the frontend needs to futher apply user's hiding settings, created by the menu component described in requirement 2.

For delete a post and delete all posts from certain users, these are already done in the indexer in requirement 2.

This step estimates to take 1 day.