Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

As a superuser, I would like a button to delete a user #4475

Open
laertecchla opened this Issue Feb 26, 2018 · 31 comments

Comments

Projects
None yet
5 participants
@laertecchla
Copy link

laertecchla commented Feb 26, 2018

Hi, I would like to have a delete button on the Manage Users page in order to exclude an account. Is it possible?

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Feb 26, 2018

@laertecchla thanks for your feedback.

For more context, @laertecchla and I were discussing the lack of a delete button on the "Manage Users" table in the dashboard I explained how to use curl as a workaround to delete the user: http://irclog.iq.harvard.edu/dataverse/2018-02-26#i_63734

@ajs6f

This comment has been minimized.

Copy link
Contributor

ajs6f commented Mar 16, 2018

As of now, as far as I can tell, the "Manage Users" page is actually just a list of users, and the only options available are the "Superuser" check box or "Remove All Roles". Do I understand correctly that any other management task is to be performed using curl or other HTTP client?

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Mar 16, 2018

@ajs6f good point. What other users managements tasks would you like to perform?

@ajs6f

This comment has been minimized.

Copy link
Contributor

ajs6f commented Mar 16, 2018

I don't think they are unusual: Add/remove users, edit user metadata, issue password resets, add/remove roles, etc.

@ajs6f

This comment has been minimized.

Copy link
Contributor

ajs6f commented Mar 16, 2018

As a side note, this is not just a convenience for me: I will be filing a bug in a few minutes that in our new evaluation installlation, new users (who sign themselves) up are created with no roles at all (I checked the db to be sure) and the UI is failing for them. I would like to quickly correct that situation for at least some users so that we can go on with our evaluation of the product, but it now seems that I will have to learn something of the Dataverse API to do it. I.e. this issue is preventing us from even evaluating Dataverse as a product.

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Mar 16, 2018

@ajs6f I'm sorry to hear about your trouble. Please do open that issue because I'm confused about why the UI is failing for new users (not having any roles is normal).

#2029 was closed a while ago for security reasons. It has a title of "SuperUser: grant ability to see and edit all user info and reset passwords (like we did in 3.6 as network admins)" and it referred to the previous generation of Dataverse, which was DVN 3. I'm not sure what the current thinking is.

@laertecchla do you and @ajs6f want the same things? Originally, you only wanted a delete button. I'm asking because we try to work in small chunks. The smaller the change, the faster it moves across our kanban board at https://waffle.io/IQSS/dataverse

@ajs6f

This comment has been minimized.

Copy link
Contributor

ajs6f commented Mar 16, 2018

I didn't mean to hijack this ticket. If you want to split up my larger request for different user management functions and leave this one as delete only, that's fine with me.

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Mar 16, 2018

@ajs6f the conversation is way more valuable to me than our process, but yes, we might end up breaking the work into smaller issues, as needed. First I want to understand what the needs are. I do agree that the things you're asking for are very common in the type of software Dataverse is. I tend to think of it as "enterprise" software but maybe there's a better term for it.

@laertecchla

This comment has been minimized.

Copy link
Author

laertecchla commented Mar 19, 2018

@pdurbin I haven't understood what @ajs6f wants at all. Yes, I only wanted a delete button in order to exclude a user...

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Mar 19, 2018

Heh. Ok, thanks, @laertecchla

@ajs6f if you would create a new issue about the user management functions you're interested in, it would be most appreciated!

@ajs6f

This comment has been minimized.

Copy link
Contributor

ajs6f commented Mar 19, 2018

I'd rather take the conversation over to #4515 for now, for reasons that will become apparent in my next comment to that ticket.

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Jul 13, 2018

@laertecchla are you still interested in a delete button for users? You might be interested in the " User accounts - should users be able to request deletion of their accounts?" thread at https://groups.google.com/d/msg/dataverse-community/nGVCS5L3vPk/GSjkx1-xCAAJ

@laertecchla

This comment has been minimized.

Copy link
Author

laertecchla commented Jul 18, 2018

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Jul 18, 2018

@laertecchla you're welcome. Are you still interested in this issue? If so, can you please give it a more specific title?

@laertecchla

This comment has been minimized.

Copy link
Author

laertecchla commented Jul 18, 2018

@pdurbin pdurbin changed the title Admin Manage Users how can I delete a user created for tests? Jul 18, 2018

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Jul 18, 2018

@laertecchla the new title sounds fine to me so I changed it. It reminds me of #1929 and you might find some useful information in there. If not, please let us know how we can help!

@laertecchla

This comment has been minimized.

Copy link
Author

laertecchla commented Jul 20, 2018

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Jul 20, 2018

@laertecchla it's Phil not Peter but that's ok. 😄

Like this:

curl -X DELETE http://localhost:8080/api/admin/authenticatedUsers/sparrow
@laertecchla

This comment has been minimized.

Copy link
Author

laertecchla commented Jul 20, 2018

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Jul 20, 2018

@laertecchla as #2419 says, "Removing the account altogether would create a hole in existing datasets." It sounds a little scary to me to give superusers a button to click that deletes a bunch of datasets. What if the datasets have been published and have a real DOI and that DOI has been cited? We use a special word for deleting published datasets: destroy. And we don't offer a button for datasets to be destroyed. You have to use the API (but it's not currently documented, which is what #2593 is about).

Is this helping? Please keep the questions coming? We should be figuring out what the "definition of done" is for this issue. 😄

@adam3smith

This comment has been minimized.

Copy link

adam3smith commented Mar 14, 2019

We'd like such a button (for superusers), too. Not urgently, but it'd be more convenient than to use the API. The issue with owned content is very real, though. Here's what Drupal offers when deleting user accounts. Maybe DV could consider something similar, potentially without the delete user and content option?
image

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Mar 14, 2019

@adam3smith that "anonymous user" concept is interesting. I will say that @sekmiller @matthew-a-dunlap @scolapasta and I have been thinking about users a lot lately because there's been a lot of discussion around pull request #5626 which has to do with merging accounts (#5514). A lot of the same problems apply.

I'm curious what your experience with deleting users via API has been. Does it usually work? Do you do some checking of related tables before you attempt it? Maybe the next "small chunk" would be to improve the delete user API to do more pre-flight checking of related tables. You can see a list of related tables in the pull request above.

@adam3smith

This comment has been minimized.

Copy link

adam3smith commented Mar 14, 2019

We don't do it a lot and we (i.e. @qqmyers ) do check related tables. Adding preflight checks to the API would definitely help (and be a useful step/precondition towards an eventual UI solution) and could then likely be expanded to include methods for deletion and eventually a button if that's not considered too risky. Thanks!

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Mar 14, 2019

@adam3smith thanks. I think of #1929 as the issue for adding pre-flight checks since this issue (#4475) feel like it's more about adding a GUI.

@laertecchla is that right? You'd like a button in the GUI?

@ajs6f are you still with us? 😄 I hope you're well!

@adam3smith

This comment has been minimized.

Copy link

adam3smith commented Mar 14, 2019

Just to be clear, I also want a button in the UI, I'll just also take related improvements ;)

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Mar 14, 2019

@adam3smith sure. Mostly I'm just wondering if we should change the title of this issue to say something about a GUI. You are, of course, welcome to create new issues. It's easier to discuss and estimate issues where the scope is clear. Often we'll try to build the API first in one issue. Then we'll try to add a GUI later in a later issue. Of course, when a pull request from the community comes along, we don't have to spend as much time discussing scope. The scope in that case is whatever is implemented in the pull request. All we have to think about is, "Do we want this or not?" More often than not, we want it. Free code! 😄

@scolapasta

This comment has been minimized.

Copy link
Contributor

scolapasta commented Mar 14, 2019

@adam3smith @pdurbin Yes, the reason we have been wary to add the current API to the UI (for deletable users) or add to documentation as a fully supported API is the fact that it does not do this pre flight stuff, nor does it handle deleting roleassignments.

So, I think the steps could be:

  1. Clean up current API to make sure it will not orphan any roleassignments when/if the user is deleted. (additionally we'll want it to use a command and log something in the actionlogrecord, i.e. override the describe method, to make it clear the user was deleted for auditing purposes.
  2. Add an method to determine if a user is deletable.
  3. Use (2) to add a button the deletable users on the dashboard.
  4. Consider how to handle non deletable users*.

(*) we have considered doing something similar to Drupal to anonymize users downloads, but didn't want to do that with content that was created as it. For downloads it can also be tricky - for example, with green data tags, we require a user is logged in, so that they can be contacted in the event that the data needs to be deleted. By anonymizing the download, we (obviously) can't contact them anymore.

@laertecchla

This comment has been minimized.

Copy link
Author

laertecchla commented Mar 14, 2019

@pdurbin, I am a little bit lost here, but I've captured a print from users/groups section and attached it. So, do you mean something about the "removed assigned role" button?
Captura_Remove_Button

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Mar 14, 2019

@laertecchla hi! On that screenshot, do you want a "Delete user" button?

@laertecchla

This comment has been minimized.

Copy link
Author

laertecchla commented Mar 14, 2019

Hi, @pdurbin . Yes, I would like to have this button. I would like to exclude a user as I can do it in DSpace...
Thanks.

@pdurbin pdurbin changed the title how can I delete a user created for tests? As a superuser, I would like a button to delete a user Mar 14, 2019

@pdurbin

This comment has been minimized.

Copy link
Member

pdurbin commented Mar 14, 2019

@laertecchla ok, I just updated the title of this issue. If you think a different title would be better, please go ahead and change it. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.