Introducing permanently delete post functionality

When a post is deleted in Discourse, we perform a soft-delete. This means that post is still present in the database in case an administrator wants to recover it later. A soft-delete is not sufficient when the deleted post contains sensitive information and must be pruned from the database completely. For those situations, we are introducing the ability to permanently delete a post.

image1616×962 99.5 KB

To use this feature, enable the can permanently delete setting. However, please be aware of the risks involved with this feature — as the setting name suggests, if you permanently delete a topic, post, or post revisions, there is no way to restore this content. As such, there are a few safeguards in place:

• When you enable the can permanently delete setting, we present a modal that asks for your explicit confirmation that you understand the risks:

  

• After initially deleting a topic (which is “soft delete” that can be reversed via the Un-Delete Topic button), you must wait 5 minutes before you can initiate a permanent deletion via the Permanently delete button. If you need to move faster, another admin can complete the permanent deletion immediately.

  

  Modal that appears between soft-delete and permanent delete that informs admins they must wait 5 minutes between these actions or involve another administrator.808×174 7.72 KB

• After those 5 minutes have passed or if another admin is helping out, when you click the Permanently delete button we will present an additional confirmation modal that you must complete before proceeding:

  

A post was split to a new topic: Introduce a way to also permanently delete the sensitive info from the staff logs

14 posts were split to a new topic: Where is the option to permanently delete?

A small update on the functionality of this feature…

You can now also permanently delete post revisions when this setting is enabled.

This can be done from the Revision History by first hiding the revision, and then the option to ‘Delete revisions’ appears:

permanently delete post revisions1141×500 33.7 KB

We have updated this feature to make the can permanently delete setting visible to admins. This means you no longer need to contact the Discourse team or use the console to manage this setting.

However, we have added a few additional safeguards to make sure admins are completely aware of the risks of this feature:

• When you enable the can permanently delete setting, we present a modal that asks for your explicit confirmation that you understand the risks:

  

  Confirmation modal that appears after enabling the can permanently delete setting.877×206 16.6 KB

• After initially deleting a topic (which is “soft delete” that can be reversed via the Un-Delete Topic button), if you initiate the permanent deletion (i.e. click the Permanently delete button), we’ll present an additional confirmation modal that you must complete before proceeding:

  

  Confirmation modal that appears after attempting to permanently delete a post.488×337 21.9 KB

Note: If the same admin is performing the soft delete and permanent delete, they still must wait 5 minutes between these actions.