[drupal-devel] [bug] deleted users' nodes disappear

nedjo drupal-devel at drupal.org
Mon Apr 11 03:10:17 UTC 2005 

Issue status update for http://drupal.org/node/19055

 Project:      Drupal
 Version:      4.5.2
 Component:    node.module
 Category:     bug reports
 Priority:     normal
 Assigned to:  Anonymous
 Reported by:  menesis
 Updated by:   nedjo
 Status:       patch

The legal issues of ownership and privacy are important and closely
related to the question of deleting users, but maybe the user module
isn't the place to deal with them.  Rightly or wrongly, these questions
won't be of primary concern to everyone.  There is already a
(contributed) legal.module.  Should user.module stick to the mechanics
of user deletion and some basic options for what to do with leftover
content, as suggested above, and leave any legal enhancements to
changes to the legal.module?


nedjo



Previous comments:
------------------------------------------------------------------------

March 17, 2005 - 10:23 : menesis

Attachment: http://drupal.org/files/issues/node_user_delete.diff (507 bytes)

When a user is deleted, all nodes which he created can't be accessed
anymore, because they have non-existing uid and queries which select
from node and user tables fail.
There are two ways to fix that:
1) also delete nodes.
2) reset nodes' author to Anonymous.
1 is most probably undesirable side effect. When I encountered such
problem I was happy those nodes were still in database and I could
bring them back by changing uid. Otherwise I would have lost the
content.
Here is a simple patch which implements 2) - sets node.uid to 0
(Anonymous).


------------------------------------------------------------------------

March 17, 2005 - 10:34 : chx

At this state I strongly -1 the patch. I'd like to see a message about
what happened (maybe a number of nodes changed would be nice, too) but
this is a minor thing -- mayor is that I feel unpublishing such nodes
is a must. Let the admin decide whether it fits her purposes to let
other uses see them as Anonymous posts or do something else.


------------------------------------------------------------------------

March 17, 2005 - 10:39 : moshe weitzman

when we first implemented deletion of users, we discussed a lot and
decided to not delete the whole uid row; we removed the email address
and set the users.status = 0. I must have missed the patch which
implemented the full deletion from the database. I think full deletion
is too dangerous because all nodes and comments will disappear, as
you've noted. So my suggestion is to soften the deletion which is found
in user_edit() as it used to be.


------------------------------------------------------------------------

April 9, 2005 - 08:20 : Carl McDade

How hard would it be to change delete the user but change any content
using that users id to first user ownership? This would prevent the
house of cards effect.


------------------------------------------------------------------------

April 9, 2005 - 13:04 : Steven

We'd need to make every module which stores anything user-related to
respond on the user delete event, and then change ownership. It sounds
like a large hassle, and I agree with moshe that resetting the e-mail
adress and blocking the account is much easier and safer.


------------------------------------------------------------------------

April 9, 2005 - 13:20 : nedjo

There are several different actions that might be wanted in different
situations.  How about a followup page after user deletion providing
options, e.g., 
User [name] had [number] of posts and [number] of comments.  What do
you wish to do with this content?
Action:
[] Leave it in its current status.
[] Unpublish it.
[] Delete it.
Unless you delete the content, it should be assigned to a different
user.  What do you wish to do?
[] Assign it to the admin user.
[] Assign it to anonymous user.
[] Assign it to a different user ________.


------------------------------------------------------------------------

April 9, 2005 - 13:26 : chx

I will be a PITA, but there are legal issues, too. If I post something,
I will have copyright on it, and the most important is the attribution
right which -- if I remember correctly -- is not even transferable.
In short, it's a legal minefield if you change a post's author.


------------------------------------------------------------------------

April 9, 2005 - 16:13 : nedjo

Good point.  It's a bit of a knotty question, isn't it?  Seen from
another point of view, there are privacy and personal information
issues.  In my home jurisdiction of British Columbia, Canada, for
example, a Personal Information and Privacy Act says that personal
information may be kept only with informed concent, must be produced on
request, and must be destroyed as soon as it is no longer required.  Are
the data Drupal logs included here?  If so, a deleted user may have a
legal right to know that all data kept on them have been likewise
deleted.
Yet it is often necessary and appropriate to retain information entered
by someone no longer on record.  A concrete example:  The organization I
work for maintains a Drupal-based inventory of local food producers. 
When a departing staff member deleted her user account, I was chagrined
to find that all her records (most of what we had) had disappeared.  In
this case, the data entry was done on work time and belonged to the
organization.  I revived her work by reassigning it to another user.
I'm not sure where this leaves us.  Should we consider an "owner"
field, distinct from the author?


------------------------------------------------------------------------

April 9, 2005 - 16:39 : chx

I see some conflict here. If my private data can not be kept for some
reason (yes, Hungarian laws similar) how could I exercise my rights as
the copyright holder? We stumbled upon a hornet nest.


------------------------------------------------------------------------

April 9, 2005 - 16:45 : Chris Johnson

Keeping an owner (oid) in addition to the author (uid) seems like a
major part of the right solution.
For author copyrighted work, the owner and author are likely to be the
same person.  In such a case, either the authored, copyrighted work
should be deleted along with the user, or the author should be
deactivated but remain so that attribution for copyright can be made.
For work owned by someone else as in Nedjo's example of food producers
(this is called "work for hire" in the USA, and means the person hiring
owns the work, not the author), the owner is different than the author. 
When the author is deleted, the nodes could be assigned to the owner, or
anyone the owner designates.
The user interface for accomplishing this is a problem to be solved.

More information about the drupal-devel mailing list