User administrators should not be able to delete their own accounts

lol

Just a heads up - there is a very old feature request to allow users to delete their own accounts: http://drupal.org/node/8

for privacy reasons, users must be able to delete own account in one way or another. see the link above for loads more discussion.

i will help angie fx her account on groups.drupal.org

ah, now i see your point. i'd rather see #8 implemented than this, but either one would be more consistent than what we have today.

I have fallen prey to same funny story, luckily with a happy ending, but I give this a +100 cuz, dude, that was just embarrassing as hell.

Visual review: The if condition in the patch appears to be the same as the return value of user_delete_access() and can probably be replaced. I think it can be avoided altogether if the forms are cleaned up.. but that's another matter altogether.

-K

New patch, the old one didn't apply anymore. I also use user_delete_access() to decide whether the delete button is shown, as suggested by Zen.

I think this should move into D6 now.

Still applies with some offset, please review...

I'm marking this a critical - it's insane to be able to delete the author reference to certain node or comment.

Do you think this should be added as an option in the User Permissions page? user_access("delete own account").

@rob: yeah. That too. But not enough. As I said, losing the reference (replaced with anonymous) should never happen. (A node always stores the uid in the node table)

Here is my take on it:

• A user should be able to disable his/hers account by default and by that telling the user administrator that the account is inactive. Administrator can then sort by inactive accounts
• Deleting a account should be disabled by default. But if the user has sufficient permissions( 'Delete own account' ), then the user name/uid should not be deleted from the node.

Applies cleanly and works correctly with no error messages.

Steps:
Verified behavior before patch, created new role with all permissions, new user with new role, was able to delete their account
Applied patch, created user with new role and Delete button does not appear on their own user edit page.
Logged in as user with uid 1 and could delete the other user from their user edit page.

A user is still able to delete their account through the admin user management page, but I believe that is out of scope for this patch.

Leaving issue under review for further testing if necessary.

patch code looks reasonable

This is not a critical problem, sorry. You can hook_form_alter and hook_menu_alter this if you so want.

works as expected (after menu rebuild). Pretty much RTBC.

However, I'm not satisfied without blocking the multiple-delete path too. Patch attached takes care of this too.

oops - cross-posted with chx. however, this is a usability nightmare that does verge on critical.

#18 is good. Unable to delete your own account through user edit and the user management page stops you from deleting yourself.

Only minor change is punctuation at the end of the drupal_set_message :)

#18 rerolled

Please disregard patch in #20, generating the patch through eclipse gathered some other things I'd forgotten to ignore.

oops - looks like I made a typo in the code comment too:

 // Users cannot not delete themselves to prevent accidents.

should be

 // Users cannot delete themselves to prevent accidents.

#18 patch with fixes from #21 and #22.

Guys, I ran the patch. I think something is wrong on my end.
Could you spot this error for me? I have the file in the root of
the installation. I'm not sure what's not working right. I'm trying
to get some of this testing done, but it's not helping me none by
getting these errors.

C:\server\pub\test\6p00dev>patch -p0 < stop_selfdestruction_2.patch
patching file modules/user/user.module
Assertion failed: hunk, file ../patch-2.5.9-src/patch.c, line 354
This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.
C:\server\pub\test\6p00dev>

» Respectfully, GreenLED
» Stable Files . net

Please note that issue titles change when you add one, not your own comment. Resetting.

patch applies cleanly for me to a checkout of the DRUPAL-6 branch, as well as to HEAD. @GreenLED, perhaps you didn't reverse a previous patch?

Never-mind. I am running patch in windows. I found out
I needed to add the --binary option and everything works
fine now. Curious: I cannot for the life of me figure out this
"HEAD" deal. I just installed the particular version (6.x, dev).
What page is "HEAD" downloaded at? I will re-test this patch
and report the results back after this post. Up to now, I just
have found the correct method to patch other patches. Sorry
for the confusion and the mis-typed subject line.

» Respectfully, GreenLED
» Stable Files . net

GreenLED: HEAD is just the newest, "trunk" version of the code in CVS. It is not available for normal download (although the 6.x-dev tarball was in fact a daily snapshot of HEAD until the DRUPAL-6 branch point). Here is how to check out HEAD or DRUPAL-6 from CVS.

I see. Thanks. Ran the patch.

Before:
1. Created user with all permissions.
2. Clicked through to "user/#/edit"
3. "Delete" button was present.

After:
1. Patch successfully ran, with zero erros.
2. Delete button was successfully remove.
3. No errors occurred.

Notes: Instead of just removing the delete button
why not leave the button, rename it to "close account"
When someone clicks the button the "admin" email is
sent a request to remove that particular account right
away. There would be a textarea field added in,

Administer > Configure > General (a.k.a. Site Information)

Or some such screen where you could customize the look
of the email to yourself. The email would include a link,
which would be the confirmation to delete the account.
It would look something like this...

===========================================
John,
Ben has requested that his account be permenantly
removed from $site_name. Please confirm or deny this
request.

Administer (link)
===========================================

When you click administer it would go directly to a page
where you could 1) Confirm -- with options A) Make account
inaccessable (remove, leave data) -- B) Remove all data.
(remove, delete all data). Something like this. This needs
to be more robust then just deleting the account. What do
you guys think?

» Respectfully, GreenLED
» Stable Files . net

@GreenLED - did you mean to set to "needs work?

For 6.x we are in bug-fix mode, so the patch should contain the minimum changes necessary to solve the bug. Anything else will not be accepted into the codebase.

If you want to propose new features, your are very welcome to open a new issue against 7.x (a.k.a. HEAD).

Ok. Sounds good to me. The patch works well.
I have set the status accordingly. I don't know
of any bugs in this code as of yet. Therefore,
I will assume by your comments this needs some
more work. Am I correct?

» Respectfully, GreenLED
» Stable Files . net

Patch in #23 has been reviewed twice, so I'd say RTBC. Normally you shouldn't RTBC your own patches, but #23 patch isn't really mine.

While this is certainly cool, it comes too late unfortunately. I just rolled the RC4. Also, strings are supposed to be frozen for some time already. So adding new translatables would not be fair for translators. It would be great to commit this early in D7 though.

This is crazy. We're having a working patch (even RTBC) for a major usability bug, and you are moving it to the D7 queue.

You've probably seen that I have already moved tens of or even a hundred issues to D7 myself, and I will continue to do so.
So don't say I would try to get everything into D6. But this one here goes certainly too far.

If you move everything (including serious bug reports) to D7, then we wouldn't even need minor releases besides fixing a critical bug or two every three months.
Face the fact: We don't have complete content translation, so we are unfortunately not in the position to have a D6 killer feature that needs to go out asap. Drupal 6 can be successful, if it is (as you put it yourself) "the fastest, most stable, and feature-filled version of Drupal yet."

So please let us do our work. If you complain about too few testers - this is what is driving your testers away.

The other question is: what is driving you to rush to the final release like this? Is it your holy grail: the translators? Is it some reasons we all don't know? We all agreed that D6 is ready, when it's ready, but you are trying to break that agreement.

I know this last question is offending. And I hope you don't take it personal. But I am angry. And I think I have good reasons to be angry.

@Pancho - go punch a pillow or something. Do not make offending statements and then try to duck behind "i hope you don't take it personally". You've made tons of great contributions to this release, lets not spoil it.

Every release has heartbreakers that don't make it in. Gabor is simply doing the job of the release manager.

@moshe: I really appreciate your comment!

I just have to state that I'm not ducking behind anything. I have been that downright to concede that this question has been a bit harsh. But what is offending, must not be taken personally. Gábor can easily say: The reason is this and that. The problem is, that we all don't know the reasons why he is rushing into the final release that much.

Also, it is not spoiling, if in the intense process of collaboration, not everything is always perfectly smooth. Surely there are conflicts, and if we cope with them in a constructive way, the community will get stronger than if we deny them.

I will accept the decision and keep on doing my work.

@Pancho - as chx says, we can whip up a little module to do this, so at least it's not something totally impossible to manage in 6 (unlike some other regressions where functionality was lost without the patch)

Maybe an add-on, or module similar to: http://drupal.org/project/paranoia

Yeah, let's do it this way.
I wasn't talking about this single issue, anyway. It's been more like - how do English speakers say - the straw to break the camel's back. :)

Since we have more time for it, I'd like to propose a slightly alternate solution to this. IMO, the root problem is that the workflow to delete anything is the same.

1) Click on item
2) Click the edit tab
3) Click the grey button at the bottom of the page that says "Delete"
4) Click the confirmation screen which looks basically the same regardless of what is being deleted

Preventing users from deleting themselves removes one symptom of this problem, but it doesn't address the root problem that the workflow and controls are the same regardless of the type of item and the outcome. I propose a few relatively small changes:

For step 3 - we change the "Delete" button to name what is being deleted "Delete user" and "Delete content" and "Delete comment". This alone would likely have prevented webchick's problem.

For step 4 - again, it should say "Delete user" or "Delete content" on the delete button. I also suggest we enhance the confirmation form to be able to display more content e.g. the avatar if it is a user. There is probably room to display more information which would further help users, but I think these three items would be a good step towards reducing this whole class of problems.

In spite of being in powerpoint, slide 10 of http://www.cfug-md.org/meetings/FormDesign.ppt has some good diagrams that help give a visual for what I'm describing (see attached screenshot) - credit to http://adrocknaphobia.com/

Webchick and others, if you disagree with me redirecting this issue I'll create a new one for the changes I propose.

bump - the patch in #23 does still apply.

Not any more.

This is actually, and effectively a duplicate of #8: Let users cancel their accounts.

8 already contains the required logic to prevent deleting the own user account without confirmation.

Thanks to webchick for pointing me to this issue. :)

I want to delete this account... I am in an intraductory computer course to which is why I applied to this account. I made a mistake and did not need this account.
How do I delete it?
I do not need this account and I do not want it... so to just leave it is a waste of space for me... can someone please help me figure this out?