[development] Implementing a user deletion policy

nan wich nan_wich at bellsouth.net
Mon Apr 5 19:19:50 UTC 2010

We "discovered" that D6 does a very poor job of allowing you control of deleting users when we wanted to handle this in the Web Links module. The user is actually already deleted from the database by the time the hook gets called - very bad process for Drupal. We did find a way to sort of get around it in Web Links and you might want to take a look at that code (in the Checker sub-module).

I have had other sites where things just got totally out of control in a hurry when users got deleted. I finally removed that permission from everyone except user/1 (aka me).

The best user deletion policy: DON'T! Block them all you want, but do not delete them - ever.
Nancy E. Wichmann, PMP
Injustice anywhere is a threat to justice everywhere. -- Dr. Martin L. King, Jr.

From: Steve Yelvington <steve at yelvington.com>
To: development <development at drupal.org>
Sent: Sun, April 4, 2010 12:00:54 PM
Subject: [development] Implementing a user deletion policy

We ran into a problem involving deleted accounts, so I'm looking into implementing some tighter controls. However, it doesn't appear that user_delete() is a hook, so I can't intercept it. I suppose I can filter out the "delete" button, but are there any other obvious solutions? I don't want to kill any kittens.

Also, Watchdog logs the deletion but not the ID of the user who deleted the account. Seems like an oversight.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/development/attachments/20100405/19397a87/attachment.html 

More information about the development mailing list