Overview

Users assigned to a custom role in Khoros Aurora may encounter issues accessing the spam moderation queue, despite having standard content moderation permissions. This occurs even when the role includes permissions like "Moderate Content." 

This behavior manifests as the Spam queue appearing as empty for affected users, while full admin/unaffected users are able to see the Spam queue contents.

Solution

Verify Symptoms and Role

• Symptoms:

  • Spam queue is inaccessible.

  • When inspecting the browser console, a GraphQL error appears:

    {
        "message": "Exception while fetching data (/spamMessages/edges[0]/node/message/author/roles) : ",
        "locations": [
            {
                "line": 369,
                "column": 3
            }
        ],
        "path": [
            "spamMessages",
            "edges",
            0,
            "node",
            "message",
            "author",
            "roles"
        ],
        "extensions": {
            "classification": "DataFetchingException"
        }
    }

📌 The above error basically pointed to an issue with the role not having permission to view the spam author roles. Given the way that permissions work in Aurora (About Aurora roles and permissions), this means that you will need to grant the role an additional permission in order to allow them to fully manage Spam.

Grant the Required Permission

To resolve the issue:

1. Go to the Admin Console > Settings > Users > Community Roles > select affected role > Edit.

2. Under Member Management, locate: Manage roles and bans in admin & member profiles

3. Set this permission to GRANT.
   This enables the spam queue to populate and function correctly for the role in question.
   ℹ️ The Manage roles in member profiles will attain the same effect, however, with more extensive permissions; you should be following the Aurora: Best practices: roles and permissions when deciding which permission is actual fit for this purpose
   

Review Security Implications

Granting this permission provides broader access than spam moderation alone:

• It allows users to manage roles, potentially including elevated roles like administrators (since moderation also includes viewing other user profiles and banning user profiles)

• Carefully assess whether this level of access aligns with your internal governance policies (Aurora: Permission descriptions)

FAQ

1. Why doesn’t "Moderate Content" alone allow spam moderation?

Because spam messages include metadata tied to user roles, additional permissions under Member Management are needed to resolve backend errors during spam queue loading.

2. What is the exact permission required?

"Manage roles and bans in admin & member profiles" must be granted. This is found under the Member Management section in the role's permission settings.

3. Can I restrict spam moderation without allowing role management?

Currently, no. A product enhancement is required to separate these capabilities.