Implementing a user deletion policy
We ran into a problem involving deleted accounts, so I'm looking into implementing some tighter controls. However, it doesn't appear that user_delete() is a hook, so I can't intercept it. I suppose I can filter out the "delete" button, but are there any other obvious solutions? I don't want to kill any kittens. Also, Watchdog logs the deletion but not the ID of the user who deleted the account. Seems like an oversight.
http://api.drupal.org/api/function/hook_user
On Sun, Apr 4, 2010 at 12:00 PM, Steve Yelvington <steve@yelvington.com> wrote:
> We ran into a problem involving deleted accounts, so I'm looking into implementing some tighter controls. However, it doesn't appear that user_delete() is a hook, so I can't intercept it. I suppose I can filter out the "delete" button, but are there any other obvious solutions? I don't want to kill any kittens.
> Also, Watchdog logs the deletion but not the ID of the user who deleted the account. Seems like an oversight.
Earl Dunovant wrote:
> http://api.drupal.org/api/function/hook_user
> On Sun, Apr 4, 2010 at 12:00 PM, Steve Yelvington <steve@yelvington.com> wrote:
>> We ran into a problem involving deleted accounts, so I'm looking into implementing some tighter controls. However, it doesn't appear that user_delete() is a hook, so I can't intercept it. I suppose I can filter out the "delete" button, but are there any other obvious solutions? I don't want to kill any kittens.
>> Also, Watchdog logs the deletion but not the ID of the user who deleted the account. Seems like an oversight.
And D7 http://api.drupal.org/api/function/hook_user_delete/7 but consider also the hook_form_alter.
--
Earnie
-- http://progw.com
-- http://www.for-my-kids.com
Thanks, Earnie & Earl. Unfortunately, in pre-D7 and D7 cases the user hooks delete the user from the database before invoking any additional modules, so there doesn't seem to be an easy way to implement a global no-deletions policy. I suppose I'll have to chase down and filter all of the forms that might implement a deletion option.
Steve,
Might want to checkout something like http://drupal.org/project/userprotect where you wouldn't have to touch any code at all.
In addition, watchdog messages should show the currently logged in user when the message was fired. That would be the person who deleted the account.
Dave Reid dave@davereid.net
On Sun, Apr 4, 2010 at 11:00 AM, Steve Yelvington <steve@yelvington.com> wrote:
> We ran into a problem involving deleted accounts, so I'm looking into implementing some tighter controls. However, it doesn't appear that user_delete() is a hook, so I can't intercept it. I suppose I can filter out the "delete" button, but are there any other obvious solutions? I don't want to kill any kittens.
> Also, Watchdog logs the deletion but not the ID of the user who deleted the account. Seems like an oversight.
Using hook_form_alter you can intercept/modify the delete button.
-----
Adam A. Gregory
Drupal Developer & Consultant
Web: AdamAGregory.com
Twitter: twitter.com/adamgregory
Phone: 910.808.1717
Cell: 919.306.6138
On Mon, Apr 5, 2010 at 11:54 AM, Dave Reid <dave@davereid.net> wrote:
> Steve,
> Might want to checkout something like http://drupal.org/project/userprotect where you wouldn't have to touch any code at all.
> In addition, watchdog messages should show the currently logged in user when the message was fired. That would be the person who deleted the account.
> Dave Reid dave@davereid.net
> On Sun, Apr 4, 2010 at 11:00 AM, Steve Yelvington <steve@yelvington.com> wrote:
>> We ran into a problem involving deleted accounts, so I'm looking into implementing some tighter controls. However, it doesn't appear that user_delete() is a hook, so I can't intercept it. I suppose I can filter out the "delete" button, but are there any other obvious solutions? I don't want to kill any kittens.
>> Also, Watchdog logs the deletion but not the ID of the user who deleted the account. Seems like an oversight.
On Mon, Apr 5, 2010 at 11:54 AM, Dave Reid <dave@davereid.net> wrote:
> Might want to checkout something like http://drupal.org/project/userprotect where you wouldn't have to touch any code at all.
I like the idea. Unfortunately it appears to apply only to new, not existing accounts, and it's bogglingly complicated.
> In addition, watchdog messages should show the currently logged in user when the message was fired. That would be the person who deleted the account.
The deletions in question were attributed to "ANON," which probably was the deleted account itself, but also could have been any subsequently deleted account. The broader problem seems to be that there is no way to prevent user deletions short of hacking core or altering every form that might try to delete users. The "administer users" permission grants deletion rights, and that means every moderator who is empowered to block spammers gets the ability to destroy data. Don't like that a bit.
We "discovered" that D6 does a very poor job of allowing you control of deleting users when we wanted to handle this in the Web Links module. The user is actually already deleted from the database by the time the hook gets called - very bad process for Drupal. We did find a way to sort of get around it in Web Links and you might want to take a look at that code (in the Checker sub-module). I have had other sites where things just got totally out of control in a hurry when users got deleted. I finally removed that permission from everyone except user/1 (aka me). The best user deletion policy: DON'T! Block them all you want, but do not delete them - ever.
Nancy E. Wichmann, PMP
Injustice anywhere is a threat to justice everywhere. -- Dr. Martin L. King, Jr.
________________________________
From: Steve Yelvington <steve@yelvington.com>
To: development <development@drupal.org>
Sent: Sun, April 4, 2010 12:00:54 PM
Subject: [development] Implementing a user deletion policy
We ran into a problem involving deleted accounts, so I'm looking into implementing some tighter controls. However, it doesn't appear that user_delete() is a hook, so I can't intercept it. I suppose I can filter out the "delete" button, but are there any other obvious solutions? I don't want to kill any kittens.
Also, Watchdog logs the deletion but not the ID of the user who deleted the account. Seems like an oversight.
On Monday 05 April 2010 22:19:50 nan wich wrote:
> The best user deletion policy: DON'T! Block them all you want, but do not delete them - ever.
Yes, that's what I usually recommend doing. This has the nice side effect of not letting the user re-register, since their mail address is already in the system.
--y
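The form-level approach discussed in this thread, as an added example that is not part of any post and is not code from Drupal core, User Protect or Web Links: a Drupal 6 module (hypothetical name `nodelete`, hypothetical permission `delete user accounts`) that separates account deletion from "administer users". The form IDs and the menu path are assumed to be those of Drupal 6 core's user module and should be checked against the installed version.

```php
<?php
// nodelete.module: hypothetical Drupal 6 module (added example, not core code).

/** Implements hook_perm(): deletion gets its own permission. */
function nodelete_perm() {
  return array('delete user accounts');
}

/** Implements hook_menu_alter(): guard the single-account confirm page. */
function nodelete_menu_alter(&$items) {
  if (isset($items['user/%user/delete'])) {
    $items['user/%user/delete']['access arguments'] = array('delete user accounts');
  }
}

/** Implements hook_form_alter(): strip or refuse the core deletion forms. */
function nodelete_form_alter(&$form, $form_state, $form_id) {
  if (user_access('delete user accounts')) {
    return;  // uid 1 always passes user_access().
  }
  switch ($form_id) {
    case 'user_profile_form':
      // "Delete" button on the account edit page.
      unset($form['delete']);
      break;

    case 'user_admin_account':
      // Bulk "delete" operation in the user administration list.
      unset($form['options']['operation']['#options']['delete']);
      break;

    case 'user_confirm_delete':
    case 'user_multiple_delete_confirm':
      // Confirm forms can still be reached by direct URL or a crafted POST,
      // so refuse them outright and record who tried.
      watchdog('nodelete', 'Blocked account deletion attempt by uid %uid.',
        array('%uid' => $GLOBALS['user']->uid), WATCHDOG_WARNING);
      drupal_access_denied();
      exit();
  }
}
```

Moderators keep "administer users" for blocking accounts, and only roles granted the new permission see or reach a deletion form. Code that calls user_delete() directly does not pass through these forms, which is the gap described in the thread.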
participants (7)
- Adam Gregory
- Dave Reid
- Earl Dunovant
- Earnie Boyd
- nan wich
- Steve Yelvington
- Yuval Hager