#253 Add ability to delete dangling users.

v1.3.0
wont-fix
nobody
None
5
2016-08-01
2012-11-17
No

As part of my effort to write the book, I wondered if deletion of a user deletes the cluster-user as well as the application user (the entry in the users table) and by consequence:

(a) If it does, how does it detect that it shouldn't be dropped because it's used in other databases?
(b) If it doesn't, how do we prevent "dangling" database logins?

As it turns out, it does. However:

1. It checks if the user exists in the users table, so, dangling users can't be deleted
2. It doesn't check if the user has other roles in the database (possibly logins to other lsmb apps?) indicating the cluster user can't be deleted, throwing away all other access said user has to the cluster

Discussion

  • Chris Travers

    Chris Travers - 2012-12-07

    For dangling users, I think we are going to have to have something rather different as there is no way to pull these up from the UI, so will be moving this to a featuer request. As for checking other roles, we do require that an administrator tell the function to actually delete the role. If this is inadequate we might do better to put this through a second feature request.

     
  • Chris Travers

    Chris Travers - 2012-12-07
    • milestone: 2085417 -->
    • summary: Admin.sql::admin__delete_user drops user incorrectly --> Add ability to delete dangling users.
     
  • Chris Travers

    Chris Travers - 2016-08-01
    • status: open --> wont-fix
    • Group: --> v1.3.0
     
  • Chris Travers

    Chris Travers - 2016-08-01

    As I think about it, I don't think the LSMB accounting app should be able to do this. I don't object to a feature request against App::LedgerSMB::Admin to list users and delete roles that are dangling however (that would be a command line tool), and we could expose that to the web after/

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks