How to delete a user?


(Nowindlee) #1

How to delete a user completely? There are some testing users who registered, and I want to remove them.


(Adam Davis) #2

I’m pretty sure that’s not yet available. Can you describe what exactly you want to happen? Do you also need their posts removed? If they’re posts are quoted do you want the system to remove the quoted parts as well? If you don’t want the posts removed, do you want them assigned to another user?

Give an idea of how this feature should work, and the cases you would use it that are common enough to warrant it.


(Jeff Atwood) #3

Probably we need both. Terminology ideas welcome, but how about:

  • Destroy User - removes user account and all their posts

  • Remove User - removes user account, but keeps all their posted content, changing the name on the content to “generic” or “anonymous” or “userid12” (depends if you want to back trace this at some point…)

edit: the latter option is now known as Anonymize User and exists in modern versions of Discourse.

Of course there need to be serious reality checks on Destroy, like a form where you type in DESTROY THIS USER and a captcha to make it happen, and additional checks on top of that to prevent it happening to a moderator account or an account with lots of content in the system.


Deleting all of a users topics and posts
(F. Randall Farmer) #4

And we need to be very careful about the semantics of what, exactly, gets destroyed along with the user - such as posts, etc. If Destroy User was used to remove a troublemaker, and a lawsuit ensued (even if not against the Forum operator) - having an archive of posts might be critical.


(TomG) #5

Can anyone actually come up with a usage scenario where it would be useful to ‘DESTROY’ a user? I’ve used sites where this is done and it really confuses any threads that the erased user was involved in. If you were to implement it, I would suggest that the posts/quotes etc are just hidden from non-moderators. This would enable moderators to make sense of the thread to date, and make the act itself reversible.


(fhd) #6

Is deleting the entry in the users table sufficient for a user that has not been approved and no posts/mesages? Don’t see any left overs.


(Jeff Atwood) #7

Generally this happens a lot on Stack Exchange with spammers. Human ones, I mean, that are solving the captchas and so forth. You really don’t want that content on the site at all, so you destroy the user which removes them and all their spammy content.

So assuming there will continue to be human spammers, which I believe is a safe bet well into the next thousand years, we need a destroy option…


(TomG) #8

But Stack Exchange is only pseudo-linear. Discourse is (hopefully) narrative, and derives value from the emergent properties of, well discourse.

Ja-Ja Binks was a crime against cinema, but you would not improve The Phantom Menace by writing an algorithm to excise him from the film, leaving his interactions intact.

I don’t actually have a strong opinion about it, I just thought of the Star Wars analogy and was then compelled to use it.


(Mike Murray) #9

Ja-Ja Binks was a crime against cinema, but you would not improve The Phantom Menace by writing an algorithm to excise him from the film, leaving his interactions intact.

Are you sure? I’d at least be up for giving it a chance… :smile:

Seriously though, you make a good point about preserving the context of the greater conversation, but there are definitely use cases where it’s absolutely appropriate. The most you can hope for is to educate admins and hope they use the tools provided appropriately.


(Frankie Sachs) #10

I think I’d prefer more flexibility.

Something like:

Destroy! - Kills it. With fire. Useful for spammers and the like, just wipes them out, maybe with an (adjustable) time limited IP ban or something.

Retire - disables the account, but leaves content in place, preserves discussions. This could be available to the user as a non permanent option for leaving a community. Maybe include the option of hiding the user name and only showing “retired user.”

This would be useful for situations where the user will be inactive for an extended period of time, but plans on returning. (I had a new baby, I’m moving house and starting a new job, I’ve joined the peace corps and will be AFK for the next couple years.) Also for voluntary departures where the user doesn’t plan on returning.

Eject - for users departing against their will, with options to show/hide/delete their old posts.

It’s a difficult balance. I definitely see the value of preserving context in a discussion.

On the other side, I spend a lot of time in creative discussions, sometimes sharing work in progress for feedback. At the point where that work is complete, people don’t always want early drafts publicly preserved forever, and sometimes it even limits the market for that work (a paying publication may refuse it if it’s available online) so there are definitely cases for removing the content from discussions/quotes.


(Ides) #11

Stripping out quotes may prove more destructive to the discussion and others users than the user who you are destroying. The reference to the name could be removed but I wouldn’t go as far and remove all the quotes that were used from the destroyed user. There is also the question of users who made new topics. Do their posts and all other posts (since they started the topic) get destroyed as well? How about users who suddenly go on a tangent and post inappropriate content for a few weeks?

It would appear that having a more advanced list of options would be more suitable for an admin to have access to. They will be able to remove users based no the specific situation. Have options to destroy their content, what kind of content, and a date range of when they should be deleted. Also allow for other actions to be selected and specifically set for a certain time periods or enforce limitations.


(Nicholas Smith) #12

I would say explicit labels on the buttons / links or however it’s implemented.

“Delete user"
and
"Delete user and their posts”


(Stefan Wrobel) #13

Is there even a way to permanently ban a user at present? I tried not entering anything into the “How long would you like to ban the user for? (days)” dialog and it doens’t seem to ban them. I just put some high number like 999999 and that worked, but they still show up in autocomplete for handles when I enter @ in a post… That’s what I’m most looking to accomplish with deleting my test users.


(Jeff Atwood) #14

Well “ban” does not mean “stop them from existing”, right? :smile: So I wouldn’t expect a ban to prevent them from being addressable, just prevent them from posting or replying in any way.

But I really would like a way to delete users, since it irritates me when we have test accounts or egregious spammers that I can’t remove all trace of. We do have to decide who owns the content once the user is removed from the database, though, and that’s tricky.

At Stack Exchange we had the “community” user (id -1) that would own stuff like that.


(Stefan Wrobel) #15

Well isn’t the obvious thing just a deleted flag or deleted_at date on a user? In the ecommerce world that’s pretty common since you have orders, payments, etc that you can’t remove the record of but people always want to “delete their account”.


(Jeff Atwood) #16

Do we have orders and payments here, like a bank, that would require banking level security around data? Is this an e-commerce site?

I don’t want spam or test accounts polluting the database, personally, in any form.

I think we had discussed putting a safety around this feature so you could only delete:

  • users newer than (x) days
  • users with less than (x) posts or topics

Etcetera.


(Stefan Wrobel) #17

Understand where you’re coming from, I like a “clean” database as well, but this requires much less in the way of workarounds. Just suggesting it as as alternative solution :wink:


(finid) #18

What about the case of a user who just joined 5 minutes ago and all their posts have been spam. I think in such a case, which is very common in forums, an option to just delete the user and all their posts will be fine.


(Lilia Kai) #19

Ditto. In my case these users have no posts, so that’s a non-issue. I was using them to test social registration flows, and would like to remove all trace of them so I can go through the flows again without creating new test accounts on twitter, fb, etc…

So far I’ve removed the User, [Provider]UserInfo, and EmailToken records for them. Did I miss anything else?


(Joshua Hogendorn) #20

Heya, just dropping by to confirm whether or not you’re able to delete users as of 0.9.7.8?