Should we remove ability to turn on user and bug deletion?

Benton, Kevin kevin.benton at AMD.COM
Tue Apr 5 15:45:40 UTC 2005


I should add that I do not see a user deletion flag as being the same as
a user deleted flag.  Users that are disabled are just that - disabled.
No changes in the system need to be made for disabled users.  Disabled
users don't show up in drop-down lists, however, they can still own bugs
(yuck).  A company's security policy may require that a user is disabled
while they're on vacation or some other kind of leave of absence.

---
Kevin Benton
Perl/Bugzilla Developer
Advanced Micro Devices
 
The opinions stated in this communication do not necessarily reflect the
view of Advanced Micro Devices and have not been reviewed by management.
This communication may contain sensitive and/or confidential and/or
proprietary information.  Distribution of such information is strictly
prohibited without prior consent of Advanced Micro Devices.  This
communication is for the intended recipient(s) only.  If you have
received this communication in error, please notify the sender, then
destroy any remaining copies of this communication.
 
 

> -----Original Message-----
> From: developers-owner at bugzilla.org
[mailto:developers-owner at bugzilla.org]
> On Behalf Of Benton, Kevin
> Sent: Monday, April 04, 2005 1:19 PM
> To: developers at bugzilla.org
> Subject: Re: Should we remove ability to turn on user and bug
deletion?
> 
> > -----Original Message-----
> > From: developers-owner at bugzilla.org
> [mailto:developers-owner at bugzilla.org]
> > On Behalf Of Marc Schumann
> > Sent: Monday, April 04, 2005 11:05 AM
> > To: developers at bugzilla.org
> > Subject: Re: Should we remove ability to turn on user and bug
> deletion?
> >
> > On Apr 4, 2005 10:54 AM, Gervase Markham <gerv at mozilla.org> wrote:
> > > The newsgroups are filled with people who have turned on user and
> bug
> > > deletion, despite the warnings, and got into difficulty. I say we
> should
> > > remove the Params, and tell people it's not supported, until such
> time
> > > as someone implements it properly.
> > >
> > > What do you think?
> >
> > User deletion has improved a lot with bug 119485. On user deletion,
> > the admin is presented with individual, detailed warnings. Short of
> > deleting bugs, related entities are deleted along with the user.
> > Leaving the bugs undeleted will cause db inconsistency when
overriding
> > the corresponding warning. Maybe it's an idea to go for the
> > never-inconsistencies way, but I don't think this warrants to make
> > user deletion impossible.
> 
> As a Bugzilla Administrator, it seems like a lot of work at this point
> to perform deletions of users if that user has had much activity in
the
> system at all.  If the user is an assigned-to person, has commented on
> bugs, has created activity log entries, attachments, etc., there's a
lot
> to deleting that user without creating referential problems.  On the
> other hand, if we have a "deleted" flag, it would be relatively easy
to
> handle clean-up because the user should no longer have access to the
web
> or email interfaces, and there's no need to handle activity log
entries
> in a special manner because they're still stored in the database.  In
> the event a system admin decides they made a mistake, no data has been
> lost, they can simply turn the user back on.  In my mind, a user
flagged
> as deleted would no longer show up in user lists, hyperlinks to them
> would be disabled, and the only way to gain access to those users
would
> be to request to include a listing of deleted users from the user
> administration menu, and of course, from MySQL directly.
> 
> As a Bugzilla programmer, it makes a lot of sense to me to give the
> ability to "permanently and completely disable a user" without having
to
> remove them from the DB.  I believe it would be extremely rare when
> administrators would actually want to physically remove "old users"
from
> the system short of running out of disk space or the user table gets
> "too big."  In those cases, I think we need to come up with a way to
set
> up a default user that all entries can be reassigned to in the event
> that a user deletion is required. If not a default user, then I feel
we
> should give the person performing the deletion the opportunity to pick
a
> person or assign the bugs back to the person doing the deletion.   In
> those cases, a set of updates could be written to update all the user
id
> foreign keys changing any instance of the user being deleted to the
> appropriate user id.  By doing this, we haven't thrown out any
> historical information, and we can now completely remove the user from
> the system without breaking any references.  It also makes querying
the
> database relatively easy, giving the administrator immediate access to
> any bugs that need to be reassigned after the user has been removed.
> 
> Another benefit of this auto-reassignment method is that it makes it
> easier to back-out any changes made by a real user deletion.  All the
> changes made to bugs and other foreign keys containing that user's id
> can be reverted because the listing of those changes should be
available
> in a query.
> 
> ---
> Kevin Benton
> Perl/Bugzilla Developer
> Advanced Micro Devices
> 
> The opinions stated in this communication do not necessarily reflect
the
> view of Advanced Micro Devices and have not been reviewed by
management.
> This communication may contain sensitive and/or confidential and/or
> proprietary information.  Distribution of such information is strictly
> prohibited without prior consent of Advanced Micro Devices.  This
> communication is for the intended recipient(s) only.  If you have
> received this communication in error, please notify the sender, then
> destroy any remaining copies of this communication.
> 
> 
> 
> -
> To view or change your list settings, click here:
> <http://bugzilla.org/cgi-bin/mj_wwwusr?user=kevin.benton@amd.com>






More information about the developers mailing list