Deleting Users in rails console

support
1

We are using SSO to log in users that autenticated on our main website

One of our users got a message (on login) that there was an error and that she should contact an administrator. So we searched for her but could not find her profile.

I did the first best thing i could imagine and “deleted” her via command line

 User.find_by(email: "ex@example.com").delete

which was not smart and did not really work. When she tried to login she was faced with the same error. Now her profile exist (not findable via search but via url) but without an email or salt or password hash.

How can i purge her from the system in a way that she will be able to login again?

Im Glad for any input

Attched the Profile when searched for by user.find_by

id: 1541,
 username: "anon.nymus",
 created_at: Tue, 15 May 2018 17:25:11 UTC +00:00,
 updated_at: Sun, 02 Feb 2020 07:00:59 UTC +00:00,
 name: "Anon Nymus",
 seen_notification_id: 29204,
 last_posted_at: Mon, 28 May 2018 17:42:14 UTC +00:00,
 password_hash: nil,
 salt: nil,
 active: false,
 username_lower: "anon.nymus",
 last_seen_at: Thu, 17 May 2018 19:55:26 UTC +00:00,
 admin: false,
 last_emailed_at: Sun, 02 Feb 2020 07:01:07 UTC +00:00,
 last_emailed_at: Sun, 02 Feb 2020 07:01:07 UTC +00:00,
 trust_level: 2,
 approved: false,
 approved_by_id: nil,
 approved_at: nil,
 previous_visit_at: Wed, 16 May 2018 18:21:47 UTC +00:00,
 suspended_at: nil,
 suspended_till: nil,
 date_of_birth: nil,
 views: 0,
 flag_level: 0,
 ip_address: #################
 moderator: false,
 title: nil,
 uploaded_avatar_id: nil,
 locale: nil,
 primary_group_id: 49,
 registration_ip_address: nil,
 staged: false,
 first_seen_at: Tue, 15 May 2018 17:26:19 UTC +00:00,
 silenced_till: nil,
 group_locked_trust_level: nil,
 manual_locked_trust_level: nil,
 secure_identifier: nil>
1 Like
2

You’ll want to use the UserDestroyer to delete a user properly. Something like this should work:

UserDestroyer.new(Discourse.system_user).destroy(User.find_by_username_or_email("ex@example.com"), delete_posts: false)

That will have the system user delete the user with the email ex@example.com. You can also provide a username instead of email.

If you want the logs to show who deleted the user, replace Discourse.system_user with User.find_by_username_or_email("admin@example.com") where admin@example.com is the email of a site admin.

2 Likes
3

Hi Joshua and thank you for your quick reply.

Unfortunatelly this resulted in an Error

UserDestroyer::PostsExistError: UserDestroyer::PostsExistError
from /var/www/discourse/app/services/user_destroyer.rb:18:in `destroy'

note: i used the username instead of the email to find the user due to the email being deleted by dumb me

4

OK, so that means the user you’re trying to delete has posts: PostsExistError.

The suggested method of resolution here would be to review the users posts, and delete them 1-by-1, in case there are any you wish to keep by changing the user. Remember that deleting the first post in a topic deletes the topic too.

The “just do it” method would be to change delete_posts: false to delete_posts: true.

1 Like
5

I see this error. I found the user by username. (Unable to use email for some reason)

Discourse::InvalidAccess: can_delete_user? failed
from /var/www/discourse/lib/guardian/ensure_magic.rb:11:in `method_missing'

The command

UserDestroyer.new(Discourse.system_user).destroy(User.find_by(username: "someuserwhocertainlyexists"), delete_posts: true)
6

I encountered the same error:

UndefinedColumn: ERROR:  column users.email does not exist
LINE 1: SELECT "users".* FROM "users" WHERE "users"."email" = 'test'...

I think jomaxro’s reply could be updated with a working example. :slight_smile:
Also, what would be the command to delete a user using its email address then?

1 Like
7

Sorry for the delay, fixed.

3 Likes
8

Hi, I’m encountering the same error:

Discourse::InvalidAccess: can_delete_user? failed
from /var/www/discourse/lib/guardian/ensure_magic.rb:11:in `method_missing'

Any idea?

9

Hi, no one has a solution? It seems to happen only when trying to delete some accounts but not others, and I can’t figure out why.

Exemple of my loop running:

2821 : Gurpreet
2969 : GUY26
3012 : dboy3587
3015 : devilsports
3020 : jimyyyy
3029 : vdubgrub
3071 : Frank1
3126 : volgano
3172 : dawei
3307 : almolatham
3320 : embsoft
3352 : auto
3379 : sulemaninc
3447 : Baton
3463 : galvin
3465 : autopartchina
3497 : tracker
Discourse::InvalidAccess: can_delete_user? failed
from /var/www/discourse/lib/guardian/ensure_magic.rb:11:in `method_missing'

All users have been deleted, but not the last one. If I skip this one, it will delete next users until it can’t delete another user for an unidentified reason.

edit: I had to edit these settings:
delete all post max
delete_user_max_post_age
:+1:t6:

4 Likes
10

Seems like you cannot delete admin users with this command? :thinking:

11

Correct. Staff users cannot be deleted. To delete the user, you’d first have to remove their admin access.

u = User.find_by_username_or_email("ex@example.com")
u.admin = false
u.moderator = false
u.save
UserDestroyer.new(Discourse.system_user).destroy(u, delete_posts: false)
3 Likes
12

Thanks : delete_user_max_post_age help me to clean up my old database (more than 20 years)

2 Likes