Moet een gedeactiveerde gebruiker een e-mail ontvangen?

I am searching for a way to force an email revalidation of users. I saw
, in the user page and did a test. When attempting to log in the test gave me a response of

The image shows a login screen with a message stating that an activation email was sent previously and instructing the user to follow it to activate their account. (Captioned by AI)581×216 6.26 KB

Should the Deactivated user have received an email alerting them that they need to revalidate?

When you manually deactivate a user it doesn’t automatically send an email asking them to revalidate, though you can press the button that appears in their user/admin page to resend one.

When an inactive account attempts to login they should be prompted with a screen like this where they can choose to have a fresh one sent:

The image shows a login screen stating that the user cannot log in yet, with a partially obscured email address, and provides options to resend activation emails or change the email address. (Captioned by AI)1179×1165 120 KB

I’m not sure why your screenshot seems to be missing that option? Could it be some custom code you’ve added to hide a particular button that has also accidentally hidden this one? Does it show up in safe mode?

Edit: After a little bit of digging, I think it’s the must approve users setting that makes the box disappear. When I enable that I no longer get the option showing up:

This image shows an error message instructing the user to check their email for activation instructions for logging into their account, with the email address partially blurred. (Captioned by AI)1179×1083 100 KB

I’m not 100% sure that’s intentional.

It does seem intentional:

Though it does also break the revalidation flow for manually deactivating users so it still feels like a bug.

I’ll slide it over to Bug and see if someone more knowledgable can adjudicate.

To recap:

• The community is invite only and every new member must be approved by staff
• You want to force email re-validation on some users.
• Given must_approve_users is invite_only and login_required the option for re-sending activation email is missing.

Some observations:

• the interplay of the 3 settings is a bit confusing. Why would you want must_approve_users if you are already an invite_only community?

• must_approve_users blocking email approval is somewhat confusing, we should revisit.

Leaving this with the staff-experience team to triage. Expect a response this week.

@benjamincfarmer does it make sense to try must_approve_users off on your community given it is already invite only?

How is invite only connected to this?

When I disable a user, the resend activation email button is missing because must approve users is enabled. Invite only isn’t enabled on my forum.

Yeah I agree it is unrelated, but the particular forum in question does not appear to need must approve users cause it is invite only anyway.

I can understand that you use both, so users with a certain trust level can invite others, but staff can still control who joins the community. I would expect fewer sign-ups by spammers, so less work for staff.

The context for the change appears to be:

So “must approve users” relies on “admins” to actually do the email validation.

My gut here is that the change to fix is rather complex.

• Must approve users - should only get users that have validated emails
• Hence even if this setting is enabled we should validate emails first prior to passing on users to admins

Which would be a major rework of this feature. Not against this by any means but it feels somewhat complex.

That topic was created in September 2017.

This was committed in May, so before the topic was created.

Isn’t that the case?
When I sign up a new user:

1. I fill in the registration form
   
   

   Screenshot_20250512_022217_Firefox855×679 50.7 KB
2. Then I am asked to validate the email address
   
   

   Screenshot_20250512_021653_Firefox1068×555 94.4 KB
3. When I open the link sent by email, I click to activate the account
   
   

   Screenshot_20250512_021724_Firefox1024×440 49.3 KB
4. I am told that I need to wait for staff to review my registration.
   
   

   Screenshot_20250512_021734_Firefox1051×687 115 KB
   
   At this point, the sign-up appears in the review queue, and staff can approve the user, who then receives the email that they can log in.
   
   

   Screenshot_20250512_021814_Firefox1268×960 120 KB

The root desire of account deactivation was to prune accounts of individuals who no longer have access to their original sign-up email address. After observing that you can move the account to a new address when the account is deactivated I’ve realized that this wouldn’t provide the effect we were looking for anyways.

Sorry for kicking the beehive @sam

Our forum is being used to provide support to our sales agencies. If one of these employees leaves, and goes to a competitor, we want to remove them from the system. Feedback from the agency would be the best way to do this, if I had faith they would tell me.

Thank you for explaining the problem. One option would be deleting the user, but I assume you would like to keep old posts.

The second option would be to anonymize the user. That would prevent them from logging in again, and you will keep all conversations (under an anonymized username).

Demo of anonymize2240×1288 160 KB

However, if you would like to keep their original username, we would need to develop a new button called “disapprove.” We would place it here:

Screenshot 2025-05-27 at 3.10.26 pm2212×408 40.9 KB

If a “disapproved” user tries to log in, they would see this screen:

Screenshot 2025-05-27 at 3.11.21 pm1618×1040 52.6 KB

Would the anonymize feature work for you? It might take us a moment to develop that “disapprove” feature.

Hallo allemaal,

Wij hebben een zeer vergelijkbare behoefte waar ik ook dacht dat "Gebruiker deactiveren" dit zou kunnen ondersteunen, maar ik kwam hetzelfde tegen: Deactiveren triggert geen reactiveringsmail, en staat de gebruiker niet eens toe de e-mail opnieuw te verzenden omdat we een privéforum zijn waarvoor goedkeuring vereist is.

Onze use case is dat we mensen uit een specifieke groep van publieke werkgevers toestaan om lid te worden van een community, bewezen door hun e-mailadres. We zijn op zoek naar een soort periodieke herverificatie dat ze nog steeds bij de werkgever werken door de accountreactivering te forceren, zodat ze niet lang met bestaande inloggegevens kunnen inloggen als ze hun werkgever verlaten en hun e-mailaccount wordt gedeactiveerd.

Ik ben op dit moment niet op zoek naar tools voor accountarchivering - de bestaande tools zullen werken - de workflow waar ik over nadenk en me zorgen over maak, is hoe ik in feite alle gebruikers kan bereiken en kan zeggen: "hé, ben je nog steeds op hetzelfde e-mailadres?" en hen te verplichten dit te verifiëren, zonder de mogelijkheid om het e-mailadres op de goedgekeurde account te wijzigen. Ik denk dat we de wachtwoorden zouden kunnen resetten, en ze zouden toegang moeten hebben tot het e-mailaccount om hun wachtwoord opnieuw in te stellen, maar dat is een iets hogere last voor mensen dan op de link klikken en kan sommigen wegjagen.

Als er een betere manier is om dit soort periodieke herverificatie te bereiken, sta ik daarvoor open, of dat nu in de UI is, of een gebruik van de API’s om handmatig nieuwe verificatietokens en e-mails te activeren.

Dank u wel!

Was this confirmed as intentional? If so, I think this can likely be moved out of Bug. (Also a little curious as to the rationale if someone is willing to share )

If it is intentional then there seems to be at least two UX/Feature issues here:

• Smoothing out the ux of this ‘dead end’ re-verify situation a user can find themselves in

• Providing a way to periodically force an email revalidation where the users can’t simply switch to a non-authorised email and carry on accessing the site