Ticket #11405 (closed PLIP: wontfix)

Opened 5 years ago

Last modified 5 years ago

User admin can disable a user

Reported by: djay Owned by:
Priority: minor Milestone: 4.x
Component: Unknown Version:
Keywords: Cc: garbas

Description (last modified by garbas) (diff)

Proposer: Dylan Jay
Seconder: None as yet

Motivation

Deleting users with lots of content can take a long time, cause conflicts during that time, and can also break applications that rely on owner information being retained even after that user has left. There should be a way for users to be deactivated such that the site is left unchanged but that user can never login again.

Assumptions

Scope is method to ensure no login or user creation occurs (probably in PAS) and all UI that deals with user selection will not include the deactivated user (e.g. sharing tab). Undetermined if deactivated users are listed in "users and groups" configlet, or treated as if they are deleted.

Proposal & Implementation

PASPlugin + UI changes to interact with that PASPlugin. PASPlugin will list deactivated users, ensure they can't login and ensure no other user can be created with the same name.

Deliverables

TBD

Risks

TBD

Participants

Who is signed up to do the work? (Real names and usernames, please)

Rok Garbas, garbas (after work on PLIP #10886

Progress

No implementation exists to authors knowledge.

See IRC transcript for implementation discussion

3:18 djjay neaj: it would be nice if plone had a disable user feature though

3:18 davisagli djjay: +1

3:19 garbas djjay: plip it +1

3:19 neaj djjay: commit subtransactions often to minimize conflicts?

3:19 davisagli garbas: question is where is the proper place in the stack to filter out inactive users PlonePAS I guess

3:19 garbas davisagli: pas yes

3:20 djjay yes. put them into an inactive pas plugin and make sure it vetos any login and any new users created with that name I guess

3:20 garbas but when somebody asks for Fullname it should provide it

3:21 davisagli djjay: yeah, that's probably good...so you can still deactivate a user even if it comes from some other source

3:23 djjay davisagli: and you could remove it from the inactive list if you actually deleted the user and wanted to reuse the userid davisagli: would need UI changes I'm guess in users UI and sharing UI

3:24 davisagli djjay: yeah

3:25 garbas djjay: if you paste last lines from #plone you have enought for plip

Change History

comment:1 Changed 5 years ago by djay

  • Description modified (diff)

comment:2 Changed 5 years ago by garbas

  • Cc garbas added
  • Description modified (diff)
  • Milestone set to 4.x

comment:3 Changed 5 years ago by garbas

  • Description modified (diff)

comment:4 Changed 5 years ago by rossp

  • Status changed from new to closed
  • Resolution set to wontfix

PLEASE READ THIS AND RE-OPEN VALID PLIPS!

As we launch the new PLIP process we'd like to see which PLIPs:

  • are still appropriate/needed
  • still have owners/proposers/champions
  • still have available implementers

If this PLIP should still be considered for future releases of Plone please do re-open this ticket and assign an appropriate milestone. If it should be considered for the next release of Plone, use the 4.2 milestone. Also be sure to update the PLIP description, requester, owner, etc. and include a comment detailing recent progress and new plans. We will use all these details in the new continuous PLIP process.

Note: See TracTickets for help on using tickets.