Joomla! Issue Tracker - CMS

Download
Launch
Feeling Lucky

[#45121] - [6.0] soft delete users

Unit/System Tests PR-6.0-dev Failure

User tests: Successful: 0 Unsuccessful: 0

avatar reem-atalah
reem-atalah
13 Mar 2025

Pull Request for Issue #45026.

Summary of Changes

Update the Delete button in the Actions dropdown list on the Users page when selecting a user and clicking on it, the user is soft deleted.

Testing Instructions

Go to Users -> Create New User
(
Go to Articles -> Create New Article
Go to the Publishing tab -> Set the Created By to the new user
Go to Users -> Select the new user -> Click on Actions dropdown list -> Click on Delete

or

Login with the new user
Go to Articles -> Create New Article
Logout and login again with an administrator user
Go to Users -> Select the new user -> Click on Actions dropdown list -> Click on Delete
)

Go to the article where the Create By is the deleted user, edit and save it, it will be saved normally.
Navigate to the "Publishing" tab in the article and the "Created By" name will be "deleted_${id}"

Actual result BEFORE applying this Pull Request

Deleting a user from the system will mean you have 'orphan' articles, categories, and other items within Joomla, so you can no longer edit those records, unless the create by is changed.

Expected result AFTER applying this Pull Request

Deleting a user from the system will soft delete the user where the user won't appear in the users' list, and we can't log in with that user. However, we can edit content created by this user.
Note: You can create another user with the same username and email as the soft-deleted one

freecompress-joomla.deleted.user.mp4

Link to documentations

Please select:

  • Documentation link for docs.joomla.org:

  • No documentation changes for docs.joomla.org needed

  • Pull Request link for manual.joomla.org:

  • No documentation changes for manual.joomla.org needed

avatar reem-atalah reem-atalah - open - 13 Mar 2025
avatar reem-atalah reem-atalah - change - 13 Mar 2025
Status New Pending
avatar joomla-cms-bot joomla-cms-bot - change - 13 Mar 2025
Category Administration com_users Libraries
avatar reem-atalah reem-atalah - change - 13 Mar 2025
Labels Added: PR-6.0-dev
avatar joomla-cms-bot joomla-cms-bot - change - 13 Mar 2025
Category Administration com_users Libraries Administration com_users Libraries JavaScript Unit Tests
avatar reem-atalah reem-atalah - change - 13 Mar 2025
The description was changed
avatar reem-atalah reem-atalah - edited - 13 Mar 2025
avatar exlemor exlemor - test_item - 14 Mar 2025 - Tested successfully
avatar exlemor
exlemor - comment - 14 Mar 2025

I have tested this item ✅ successfully on 0984a87

I have tested this successfully. From a functional point of view, the PR does what you say.

I wonder though, if it will be confusing for users that in the Created By field after the user is deleted, the username of the deleted user is still in that field... (wouldn't it make more sense to say deleted user) - I guess the maintainers will have to decide if a change is needed or it can be included as is.

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/45121.
avatar obuisard
obuisard - comment - 14 Mar 2025

A simple solution to a problem we have with orphan articles and anything created by a user.

However there are things to take into consideration.
For instance, we do have a privacy extension where users can opt out of the site. When this is requested, we are required to remove the user no matter what.
Therefore I would suggest all data of the user be removed and just keep the user id and the minimum required for the system to work properly. Maybe have a generic name for deleted users with the user id in the name, so that we can still distinguish which articles were written by whom... A name could be like: deleted_166.

There may be instances were you would like to find all articles created by deleted_166. So we have to make sure filtering by user is still possible.

avatar brianteeman
brianteeman - comment - 14 Mar 2025

why do this for ALL users. surely it is only needed for users who have created or modified any type of content

avatar reem-atalah
reem-atalah - comment - 14 Mar 2025

Thanks @exlemor, @obuisard and @brianteeman for your reply.
@brianteeman how can I check first if this user is owner of any component, what if another component/content is added in the future, this deletion method will need to be adjusted, I think it's preferable to be generic. This is my point of view from my contribution, if there is something that make it easier that I don't know to apply this logic, I'd appreaciate it.

avatar reem-atalah reem-atalah - change - 14 Mar 2025
Labels Added: Unit/System Tests
avatar reem-atalah
reem-atalah - comment - 14 Mar 2025

@obuisard Thanks for the suggestion, your idea also makes me think that resetting the data, would make it possible to have the username and email reused.

avatar joomla-cms-bot joomla-cms-bot - change - 14 Mar 2025
Category Administration com_users Libraries JavaScript Unit Tests Administration com_users Libraries
avatar reem-atalah reem-atalah - change - 14 Mar 2025
The description was changed
avatar reem-atalah reem-atalah - edited - 14 Mar 2025
avatar reem-atalah reem-atalah - change - 14 Mar 2025
The description was changed
avatar reem-atalah reem-atalah - edited - 14 Mar 2025
avatar brianteeman
brianteeman - comment - 14 Mar 2025

Maybe have a generic name for deleted users with the user id in the name, so that we can still distinguish which articles were written by whom... A name could be like: deleted_166.

Except that would by design fail the privacy rules for completely anonymising the data wouldnt it?

Add a Comment

Login with GitHub to post a comment