Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Messages - Nao
6346
Features / Re: Privacy options
« on February 23rd, 2012, 05:15 PM »There isn't a master setting any more :P
See, post moderation is not just about filtering new posts... It's also about being able to unapprove posts (something we're still not doing, AFAIK...), which we won't be able to do if this happens. How about adding a master setting to the filter page...? Plus, it would allow admins to disable their filters without having to delete them, if that's not possible right now.
BTW I went ahead and looked at the page. I was a bit confused with the order. For instance, you can change the 'new post' or 'new topic' item after making new rules. I think it'd be more understandable if it was disabled, or hidden and repeated as a simple text string in the next fieldset. Also, the 'posting in these boards' thing may be confusing as well. I know that my direct French translation made me feel unsure about it. I changed it to 'posté dans ces sections', meaning 'postED in these boards', but I'm not sure it's the best.
Finally, it'd be nice to have slideDown animations, I think, instead of simple toggles. Perhaps a fade in for the "Save rule" button, because it's not always clear that the "Save filter" button is being hidden and replaced by another (even though the new one is inside the fieldset rather than outside). If it's going to be a wizard, it should be super-user-friendly, which right now I'm not sure it sure. I'd like to know your opinion on this.
Putting the WHERE clause in is more expensive than not having it. If it isn't necessary to test it, don't have that clause in.Quote ...I don't get it. If testing for m.approved=0, m.approved=1 or nothing at all, same performance. How can it be, since in the last case we're sure not to ever use the approved index...?
See, this is what I don't get: I'm saying that SMF/Wedge has t.approved tests done *only* if postmod_active is enabled, while m.approved tests are done without testing for postmod_active first. It seems to me that m.approved is slower than t.approved (because of relative table sizes), so it should be the one with systematic postmod tests, not the other way around...
Oh, it works. The only thing that doesn't work properly (out of what is shown) is the textual matches, when you're using any of the HTML special characters, they get encoded properly for sending, are stored properly but the regex doesn't apply them properly at this point.
Now you understand why I was so fussy about the whole loadBoard thing. loadBoard is supposed to deal with that.Quote Heck, can anyone actually view an unapproved topic if they don't have permission to, but they know its ID? Because I can't see any code to stop them in Display.php! Actually noisen.com/wedge.org do have such code, that's where it gets funny. Well, they don't add approved flags to the mix but at least they support 'justme' privacy.
I know in SMF if you have a topic whose ID you know but it's moderated, you can only see it if you're the owner or a moderator with suitable permissions, but it's enforced by loadBoard as far as I can tell, not by Display. Display assumes to a point that if you can see the board, you can see the topic.
6347
Features / Re: Privacy options
« on February 23rd, 2012, 03:53 PM »No, it shouldn't.Quote Well, if it's turned off, m.approved should no longer be tested against, should it...?
BTW, where the hell do I enable postmod?! Now that core features are gone... Well, I even made an admin search and didn't find any 'master' setting?!
(Okay, see below...)
No, you're still penalised either way. If you never check for it at all, you're basically assuming it's enabled whatever - and with the performance issues attached.
No. But in any case, moderation filters is quite a different beast. The way postmod_active works now is that if there are any rules to be applied (of any kind), postmod_active is true. No rules to apply (of any kind) = no post moderation. So there's a performance gain potential if you *never* use that feature.
Is it working, at least? Last time you didn't have the Save feature for it, so I left it aside but now I need to have postmod enabled just to test my code... :P
BTW, in Display.php, if you are in a topic that has approved=0 but postmod is disabled, you get an error message saying max() needs at least one entry. That's on line 838... I suppose that means $messages is empty even if I'm an admin and I can see said topic...
Which brings me to... Heck, can anyone actually view an unapproved topic if they don't have permission to, but they know its ID? Because I can't see any code to stop them in Display.php! Actually noisen.com/wedge.org do have such code, that's where it gets funny. Well, they don't add approved flags to the mix but at least they support 'justme' privacy.
I suppose I'll add query_see_topic to the query at line 122... But it's quite scary all of a sudden. I thought I was finished and I only had the UI left to do, but I WILL definitely have to go through every single query_see_topic occurrence in the noisen patch to determine whether it's needed... :^^;:
6348
Features / Re: Privacy options
« on February 23rd, 2012, 03:34 PM »Sadly, no. If it never checks for being enabled or not, but always checks anyway, there's a performance hit attached. It's just not one you can avoid by turning the feature off...
That's really more of an SMF issue; in their case, post moderation is a very specific feature, disabled by default, so you get penalised by default whether you use it or not.
I'm not exactly sure I remember what changes you made to the approval system, if any...?
In our case, I'm really expecting users to use it more than SMF users make use of post moderation,
6349
Features / Re: Privacy options
« on February 23rd, 2012, 11:58 AM »
Hmm... Are you implying that, if m.approved is always 0 (i.e. post mod never enabled), the performance penalty is actually 0, too? In which case, yes, I suppose it's fine to leave it in, but then maybe it should have been the case for t.approved as well...
6350
Features / Re: New revs
« on February 23rd, 2012, 11:56 AM »
rev 1378
(7 files, 3kb)
! updateLastMessages() should be accepting only a default privacy state for topics that will definitely be shown to everyone... (Subs-Post.php)
- Removed setupTopicPrivacy() function and integrated into loadUserSettings -- I hadn't noticed it was always called in SSI.php anyway. (Load.php, SSI.php)
* More semantic approved states and other minor fixes. (Load.php, ManageModeration.php, MoveTopic.php, Subs-Post.php)
! Fixed Search page's search icon not showing up in Wine. (Wine/index.css)
(7 files, 3kb)
! updateLastMessages() should be accepting only a default privacy state for topics that will definitely be shown to everyone... (Subs-Post.php)
- Removed setupTopicPrivacy() function and integrated into loadUserSettings -- I hadn't noticed it was always called in SSI.php anyway. (Load.php, SSI.php)
* More semantic approved states and other minor fixes. (Load.php, ManageModeration.php, MoveTopic.php, Subs-Post.php)
! Fixed Search page's search icon not showing up in Wine. (Wine/index.css)
6351
Features / Re: Privacy options
« on February 23rd, 2012, 11:40 AM »
Before I get to this long post which I haven't had time to read yet -- I noticed that many m.approved calls in Wedge do not test for postmod_active before, unlike ALL of the t.approved calls. I'm thinking this *might* be a problem...?
6352
Features / Re: New revs
« on February 23rd, 2012, 11:38 AM »
rev 1377
(16 files, 7kb)
+ The totally untested, yet probably flawless query_see_topic commit[1]. Every single topic approval test is now replaced. (Feed.php, MessageIndex.php, Profile-Modify.php, Profile-View.php, Search.php, Search2.php, Stats.php, Unread.php, UnreadReplies.php, Who.php)
! SMF 'bug': setting an is_approved to 0 is totally wrong semantically in ManageMaintenance and SplitTopics. Renamed variable to is_unapproved. Also renamed a few other variables which, although semantic, didn't fit the is_approved/approved_state grammar. (ManageMaintenance.php, Aeva-Gallery2.php, Subs-Media.php, SplitTopics.php, Subs-Post.php)
(16 files, 7kb)
+ The totally untested, yet probably flawless query_see_topic commit[1]. Every single topic approval test is now replaced. (Feed.php, MessageIndex.php, Profile-Modify.php, Profile-View.php, Search.php, Search2.php, Stats.php, Unread.php, UnreadReplies.php, Who.php)
! SMF 'bug': setting an is_approved to 0 is totally wrong semantically in ManageMaintenance and SplitTopics. Renamed variable to is_unapproved. Also renamed a few other variables which, although semantic, didn't fit the is_approved/approved_state grammar. (ManageMaintenance.php, Aeva-Gallery2.php, Subs-Media.php, SplitTopics.php, Subs-Post.php)
| 1. | And yes, it means that technically, the feature is supposedly implemented. Surprisingly it's a lot less entries than I thought it'd require... Unless it means that SMF's approval state is unsafe :P |
6353
Plugins / Re: Edit History
« on February 23rd, 2012, 11:21 AM »
Pete, do you think I should give up on the 'optimizations' of the action/user menus and instead use full URLs and full strings for all occurrences...? These would tend to gzip well, so it wouldn't eat too much bandwidth. Originally the optimization was meant to make Wedge load faster and better (on mobile or desktop), but maybe you think it's not worth the trade-off in terms of extensibility?
As for MediaWiki, the code is GPL but the concept/implementation algorithm isn't. Surely you can get inspired by it?
Posted: February 23rd, 2012, 11:20 AM
As for MediaWiki, the code is GPL but the concept/implementation algorithm isn't. Surely you can get inspired by it?
6354
Features / Re: New revs
« on February 23rd, 2012, 09:54 AM »
rev 1376
(7 files, 3kb)
+ Added support for mod_cache in query_see_topic, to be able to view topics from SSI or other non-board/non-topic-specific places. Hopefully it'll work. (Load.php)
- Removed $user_info['can_mod'], never used much. Replaced it with allowedTo('issue_warning') or allowedTo('access_mod_center') depending on what was required of it. (Display.php, Load.php, PersonalMessage.php, Security.php, Subs-Auth.php, Subs.php)
* This bq test for 0=1 is never executed, because it's caught a few lines before. (ModerationCenter.php)
(7 files, 3kb)
+ Added support for mod_cache in query_see_topic, to be able to view topics from SSI or other non-board/non-topic-specific places. Hopefully it'll work. (Load.php)
- Removed $user_info['can_mod'], never used much. Replaced it with allowedTo('issue_warning') or allowedTo('access_mod_center') depending on what was required of it. (Display.php, Load.php, PersonalMessage.php, Security.php, Subs-Auth.php, Subs.php)
* This bq test for 0=1 is never executed, because it's caught a few lines before. (ModerationCenter.php)
6355
Features / Re: Privacy options
« on February 23rd, 2012, 08:26 AM »There is an override in loadMemberData that if you're an admin, the badge won't be overridden by the moderator badge.
They do get all the related permissions automatically,
but on top of that a plugin or whatever can expressly check for being a moderator with that in_array check, should they want to do so (as opposed to checking allowedTo(moderate_board))
Hell yes. The biggest complaint I've had is taking into account approve-posts permission - and there it is, right there, pre-cached and 'dealt with' already.
Can you share your opinion on this? It's untested...
<?php
$user_info['can_skip_approval'] = empty($settings['postmod_active']) || allowedTo(array('moderate_forum', 'moderate_board', 'approve_posts'));
$user_info['query_see_topic'] = '
(
t.id_member_started = ' . $uid . ' OR (' . ($user_info['can_skip_approval'] ? '' : (empty($user_info['mod_cache']['ap']) ? '
t.approved = 1' : '
(t.approved = 1 OR t.id_board IN (' . implode(', ', $user_info['mod_cache']['ap']) . '))') . '
AND') . '
(
t.privacy = \'default\'
OR (t.privacy = \'members\')
OR (
t.privacy = \'contacts\'
AND t.id_member_started != 0
AND FIND_IN_SET(' . $uid . ', (SELECT buddy_list FROM ' . $db_prefix . 'members WHERE id_member = t.id_member_started))
)
)
)
)';I have a headache -- literally this time. So, hard to focus.
Also, I thought you were still working on it at present?
After all, it's not like adding query_see_topic will break anything. It can be done gradually :)
I think renaming it would help, but I think overhauling the UI will help even more in the long run - but the rename is good for now.
The implication is that a surprising amount of places simply do not use the underlying functions to confirm access at all. I discovered this last night - Display for example does not itself do {query_see_board} in the topic to validate access to the topic, it relies on loadBoard having already done it.
Point is... make *sure* loadBoard is working correctly as far as access to boards goes, and to topics if a topic is specified, and that has a lot of knock-on effects, not just for display, but anywhere ?topic is in the URL (e.g. attachments, remove topic, just to name two)
See, the notion of having a single group or contact list never actually occurred to me, I assumed right off the bat that multiple lists was the aim.
I just said that if we have to store an extra integer for the contact list ID, then we might as well enable Wedge to store a group ID in that same place...
I'm not nearly familiar enough with what UP offers, perhaps I should learn!
Right now, it's 'relatively' cheap. It's still fixed-length rows, but the minute a text field is added to it to contend with the whole aspect of multiple groups attached to it, it's going to get expensive (and the alternatives, like SET columns, aren't really good alternatives).
I understand the nature of their complaint on it - being a binary state field, you can't actually optimise it that heavily in an index. An index works best if it's selective, or at least sufficiently distributed such that picking a value excludes a sizeable percentage of the rest of the table. approved being a two-state field is never going to exclude vast amounts of the tableset so you never get any advantage out of indexing it.
We'd actually get more benefit from keeping an accurate track of moderated posts in a topic and topics with moderated posts in a board - so if there's nothing that has pending moderation status in that board or topic, don't perform that test.
Because you don't have to expressly store it in the table then. For example, if you handle 'view replies' as a permission, you can simply exclude massive portions of the table, very cheaply.
The test is really (privacy = contact AND privacy-list IN (user contact lists)), isn't it? Since the user's contact list will be part of the user's own data and thus available for query insertion?
So it's faster, then? Indexable?
(Sorry, technical issue caused bump :P)
6356
Features / Re: Privacy options
« on February 22nd, 2012, 05:40 PM »They get their name on the linktree, on the board index and their badge is altered on the fly.
They're also, silently, added to group 3 when in that board, which means you can do permissions checking in that respect.
Don't they automatically get all post/topic-related permissions, more simply?
Again that's the historical aspect. It was never supposed to be entirely based on the permission but showing you the area if you could do at least one thing there - much as you get access to the admin tab if you can do any of the admin like features (e.g. news, manage permissions, manage membergroups etc.)
DOOOO EEEET. Basically, yeah, it was a historical thing that was never quite realised the way it was intended.Quote And the ONLY place it's used (although it's repeated a couple of times), is whether the user can see the Warning button on a userbox...
That smells like "REMOVE!" to me...
Heck.
allowedTo('issue_warning').
This must be some kind of a joke... I mean, moderators get the 'right' to see the Warning button, but then if they try to click it (from what I gather), they'll get kicked out because area=issuewarning only checks for issue_warning perms to be set...
And AFAIK, this kind of permission isn't given automatically to moderators.
Which is virtually how 1.1.x did it, except it still created proper per-board permissions rather than having discrete profiles.
I wasn't very clear on that point. I knew of the mod cache subsystem, but I wasn't aware of all the details and precisely what it covered - namely the ap element.
But combine the places it is used, with the knowledge of what it actually contains and it becomes rather clear (to me at least) what it was intended for. It's like having 3/4 of the pieces of the puzzle and then suddenly you find that last piece and it all suddenly makes sense.
Tell you what. How about you look into it a bit? Now that my work is committed, you may want to simply deal with it by yourself, because nobody will deny you the fact that you're one of the most knowledgeable SMF/Wedge devs when it comes to permissions. And optimization.
Oh, it's horribly confusing, which is why I didn't even implement it in SimpleDesk but left it simply as the ability to copy a role, rather than to mirror it.
So, do you think we should rename..?
The other thing with the mirrored permissions is that most mods for SMF never used them properly - not even SimpleDesk got it right, and I don't believe Aeva did either.
(Case in point, I reordered all the groups on my one site to have a bunch of groups, one per user, for unique badges/titles because I'm like that. Each of these new groups was based on a higher group that controlled permissions - but neither SD nor Aeva responds to the child groups properly and I had to end up assigning the permissions in both to all the groups, not just the parent group.)
Dragooon, are you reading this?
I like the idea but I'm concerned it would potentially lead to greater complexity.
I'm also not sure you can actually optimise it *that* far, though, and there's a lot of places that use ?topic in the URL to handle permission loading.
Storing it in the topics table is going to hurt. Storing it outside the topics table is going to hurt too, just in a different way, and neither is lightly ignored.
Putting it in the table as a textual id with a list of groups means the query becomes WHERE t.privacy = something OR (t.privacy = 'groups' AND FIND_IN_SET(...)) which is expensive enough.
When it comes to contact lists, would be a sub-select. (Pretty much like what UltimateProfile does...)
Meanwhile, putting it in a separate table means either a subquery, or a join, both of which being applied to potentially every topic in a board (or worse) to validate access is going to get very unfriendly very quickly.
Now, of course, this performance issue would only happen for members (guests and admins are easily discarded), and only for topics/thoughts where a non-default choice is set... (And when it comes to topics, it's always fast enough to scan that table innit?)
I don't think you're crazy, but I also don't think there's a good way to achieve this meaningfully for topics.
Regarding applying it to thoughts, I'd actually be inclined to handle that in permissions (permission to post, permission to read, permission to read replies, permission to reply, etc.)
Oh, another possibility...
topic has privacy set to contact list = 42.
user is in contact lists 41 and 42.
user wants to view. Test is done on "privacy=contacts_41 OR privacy=contacts_42". Well, obviously that would make a VERY long query if user was in thousands of contact lists, but then we're pretty sure it's only ONE field that's indexed... Even if it's a string field by now.
:^^;:
6357
Features / Re: New revs
« on February 22nd, 2012, 04:32 PM »
rev 1375
(4 files, 11kb)
+ Started implementing this dreaded feature of mine -- topic privacy. Please note that (1) query_see_topic is not set in stone yet. For instance, it doesn't make use of mod_cache (yet), for better or for worse. Also, (2) database structure is still being discussed. I'm just taking the longer way until we decide whether we simplify it or not. (install.sql, Display.php, Load.php)
* Updated thought privacy feature to use the same terminology as topic privacy. (install.sql)
* Implemented the no_prevnext variable that's used to determine whether to show the previous/next topic box. (Display.php)
! ssi_topPoster() needed a $settings global. (SSI.php)
(4 files, 11kb)
+ Started implementing this dreaded feature of mine -- topic privacy. Please note that (1) query_see_topic is not set in stone yet. For instance, it doesn't make use of mod_cache (yet), for better or for worse. Also, (2) database structure is still being discussed. I'm just taking the longer way until we decide whether we simplify it or not. (install.sql, Display.php, Load.php)
* Updated thought privacy feature to use the same terminology as topic privacy. (install.sql)
* Implemented the no_prevnext variable that's used to determine whether to show the previous/next topic box. (Display.php)
! ssi_topPoster() needed a $settings global. (SSI.php)
6358
Features / Re: Privacy options
« on February 22nd, 2012, 04:12 PM »
Back to topic, too...
This is defined in my local copy in the topics table:
privacy enum('default', 'members', 'groups', 'contacts', 'author') NOT NULL DEFAULT 'default',
(Also, a TEXT field named 'tags', which will most likely be useful in the future.)
Okay, what I want to say... 'author' is 'justme' (I just renamed it), 'contacts' is 'friends'.
Now, what about 'groups'. It's the same issue as with thought privacy: should we allow a specific group to read the topic/thought? I thought, yeah why not, just get a list of the user's current groups (or all groups for an admin or moderator), and list them as choices. This is most interesting for Wedge.org's thoughts, because all earlier thought replies are set for membergroup=18 (friends) only. Oh, probably also the wedgeward and consultant groups. Anyway... So, we CAN get rid of it for Wedge, the main argument being that this is opening the door to increased complexity.
Now, the thing is, I certainly want people to be able to select a *contact list* for thoughts and topics... i.e. not available to my colleagues, but available to my family. Which pretty much forces me to introduce a privacy_id field or something. So, might as well use that to store group IDs... I don't know.
So, the questions would be:
- leave 'groups' in as a possibility? Can always be removed later...
- add a 'privacy_id' field?
- best solution for performance? What should the extra index(es) look like?
- am I chasing a mirage, or just plain crazy?
This is defined in my local copy in the topics table:
privacy enum('default', 'members', 'groups', 'contacts', 'author') NOT NULL DEFAULT 'default',
(Also, a TEXT field named 'tags', which will most likely be useful in the future.)
Okay, what I want to say... 'author' is 'justme' (I just renamed it), 'contacts' is 'friends'.
Now, what about 'groups'. It's the same issue as with thought privacy: should we allow a specific group to read the topic/thought? I thought, yeah why not, just get a list of the user's current groups (or all groups for an admin or moderator), and list them as choices. This is most interesting for Wedge.org's thoughts, because all earlier thought replies are set for membergroup=18 (friends) only. Oh, probably also the wedgeward and consultant groups. Anyway... So, we CAN get rid of it for Wedge, the main argument being that this is opening the door to increased complexity.
Now, the thing is, I certainly want people to be able to select a *contact list* for thoughts and topics... i.e. not available to my colleagues, but available to my family. Which pretty much forces me to introduce a privacy_id field or something. So, might as well use that to store group IDs... I don't know.
So, the questions would be:
- leave 'groups' in as a possibility? Can always be removed later...
- add a 'privacy_id' field?
- best solution for performance? What should the extra index(es) look like?
- am I chasing a mirage, or just plain crazy?
6359
Features / Re: Privacy options
« on February 22nd, 2012, 03:58 PM »This is a special case by definition because you can be a moderator on a board without being a board moderator (and without being a global moderator) It is this level of complexity that actually makes SMF so difficult to configure, even if conceptually/codewise using the permissions system is made so easy.
can_mod, supposedly, is 'I can moderate somewhere' while is_mod is 'I can moderate *here*'. Primarily IIRC can_mod was supposed to be used to control access to the moderation centre but this changed in RC4 when fixing a related bug.
can_mod is "do I have access to the moderation center[1], or am I allowed to moderate at least one membergroup or board, or approve posts to some extend?"
That's a hell of a vague setting to me...
And the ONLY place it's used (although it's repeated a couple of times), is whether the user can see the Warning button on a userbox...
That smells like "REMOVE!" to me...
there was a *reason* profiles were adopted instead of local/global board permissions, and that was to simplify applying the same permissions to multiple boards at once.
For instance - just an idea - one could simply 'hide' them profiles at first. You set up permissions for a board. Then when you create or edit another board, you get the ability to apply another board's permissions. At which point, its permission profile is used. Otherwise, a new permission profile is created for the new board. Only problem is the 'default' name for these profiles.
This brings us to the mod cache - whose sole existence, if I'm any judge, is to mitigate the very performance issues that I'm getting at.
Hey Aaron, this one's for you... There's Doctor Who on the telly (France 14 channel), dual language, I switched to English of course, and just a minute ago the Doctor said his line from your signature, "after all this time..." It made me smile :)
For example, if you have two or three 'teams' that are all, practically speaking, global moderators but have different badges, the correct thing to do is make new groups for each team that all inherit from a parent group so you manage the permissions centrally - but most don't.
The really sad part is, I don't have an answer yet. I've had bits of answers floating around and my gut instinct is to dump SMF's permissions core and merge in SimpleDesk's in some respects but that's not really where I want to go with this.
| 1. | Instead of the other way around... In that respect, I don't know why Load.php has $context['allow_moderation_center'] = $context['user']['can_mod']; at some point when it should be using the permission, directly... |
6360
Features / Re: Privacy options
« on February 22nd, 2012, 01:55 PM »
The #1 issue with all this is that there are too many things to go through if you don't know better. (Heck, even if you know better...)
- Have I got approve_posts permission on this board? (allowedTo('approve_posts'), $user_info['mod_cache']['ap'])
- Have I got moderate_board permission on this board? (allowedTo('moderate_board'), $user_info['mod_cache']['bq'])
- Am I a moderator on this board? ($user_info['is_mod'], $user_info['can_mod'], $user_info['mod_cache']['bm'])
And so on. At this point, it becomes really unclear what 'can_mod' is for, why 'is_mod' is reset in SSI when really it could be using the mod_cache, etc...
There's a strong, huge feeling that SMF has been overhauled many times when it comes to permissions, and once again different developers had their own idea of how to make it 'simpler', and failed to make them commonly used. That mod_cache thing is saddening, because it's exactly what's needed (a session cache of some expensive queries), but also it doesn't save everything it could ($boards meaning the list of boards you have moderate_board on, is not in it, even though it's calculated), it's not clear what the difference between being a board moderator and having moderate_board permission is, and finally I'd tend to say that using acronyms for permission names is a bit silly. mod_cache is only accessed exactly 30 times in the entire codebase (plus the 3 times it's set up), so it's not like it's so complicated to type $user_info['mod_cache']['board_query'] instead of $user_info['mod_cache']['bq']... Plus, it makes the thing easier to understand.
Have you got some thoughts to share on all of this, Pete..?
- Have I got approve_posts permission on this board? (allowedTo('approve_posts'), $user_info['mod_cache']['ap'])
- Have I got moderate_board permission on this board? (allowedTo('moderate_board'), $user_info['mod_cache']['bq'])
- Am I a moderator on this board? ($user_info['is_mod'], $user_info['can_mod'], $user_info['mod_cache']['bm'])
And so on. At this point, it becomes really unclear what 'can_mod' is for, why 'is_mod' is reset in SSI when really it could be using the mod_cache, etc...
There's a strong, huge feeling that SMF has been overhauled many times when it comes to permissions, and once again different developers had their own idea of how to make it 'simpler', and failed to make them commonly used. That mod_cache thing is saddening, because it's exactly what's needed (a session cache of some expensive queries), but also it doesn't save everything it could ($boards meaning the list of boards you have moderate_board on, is not in it, even though it's calculated), it's not clear what the difference between being a board moderator and having moderate_board permission is, and finally I'd tend to say that using acronyms for permission names is a bit silly. mod_cache is only accessed exactly 30 times in the entire codebase (plus the 3 times it's set up), so it's not like it's so complicated to type $user_info['mod_cache']['board_query'] instead of $user_info['mod_cache']['bq']... Plus, it makes the thing easier to understand.
Have you got some thoughts to share on all of this, Pete..?