Deleting a user from admin leaves it in DB, preventing username to be reused. #870

Closed
popindavibe opened this issue Jul 27, 2018 · 17 comments
Labels
Type: Bug 🐛 Confirmed bug, at least replicated once by another contributor

popindavibe commented Jul 27, 2018

  • PeerTube version or URL:
    PeerTube v1.0.0-beta.9

  • Browser name/version:
    Firefox 61.0.1

  • NodeJS version:
    v8.11.3

  • What is the expected behaviour?
    A user removed by admin user in the web interface should be fully removed from database.

  • What do you see instead?
    User is still listed in the actor table, and trying to re-create user via API gives:

{"error":"Another actor (account/channel) with this name already exists."}
@popindavibe popindavibe changed the title Deleting a user from admin leave it in DB, preventing username to be reused. Deleting a user from admin leaves it in DB, preventing username to be reused. Jul 27, 2018
@Chocobozzz Chocobozzz added the Type: Bug 🐛 Confirmed bug, at least replicated once by another contributor label Jul 27, 2018
@Nautigsam
Contributor

Nautigsam commented Jul 30, 2018

I just reproduced this bug on develop. The user, channel, and videos are deleted but not the underlying Actor.

@rhaamo
Contributor

rhaamo commented Jul 30, 2018

Isn't that the behavior an AP-enabled app should have (not deleting the actor)?

Because the user/actor could be followed by other people, and the next user reusing the same actor will still have them, and then could publish any crap they want, somewhat impersonating the "previous" user.

@Chocobozzz
Owner

@rhaamo I don't think so: if we delete the actor on our instance, we'll send an AP message and remote instances will remove the actor too (deleting the follow at the same time). And if an actor is created with the same username, the public/private keys will not be the same.

@Chocobozzz
Owner

But I agree in a federated network, we should prefer blocking. Should be fixed in e04551d

@Chocobozzz
Owner

In fact we should forbid to reuse an actor username to prevent potential identity theft

@Chocobozzz Chocobozzz reopened this Jul 30, 2018
@popindavibe
Author

popindavibe commented Jul 30, 2018 via email

@Chocobozzz
Owner

Chocobozzz commented Aug 27, 2018

Fixed by c907c2f

@popindavibe Admin can remove it from the database but we don't really want to facilitate this kind of behaviour, because it could involve identity problems in the federation

@popindavibe
Author

popindavibe commented Aug 27, 2018 via email

@FirePowi

FirePowi commented Sep 11, 2018

"In fact we should forbid to reuse an actor username to prevent potential identity theft"

Well I had to face an identity theft and wasn't able to easily reuse that actor username because the first one to use the name was the thief.
And I guess we, as QueerTube, will have to face it more than once…

I guess that would really be helpful. Can't you open it for discussion please? :-/

For now I guess we should just see what happens. But please consider that's not just a little issue.

I may be paranoid, but as a QueerTube admin I guess I should be.
For now, the gates are opened. If trolls want to troll, they can easily create accounts with the names of Queer Youtubers that would have come joining us. For example the ones who follow us on Twitter.

I guess this is a minor security issue and we might have one way of solving it:

Change the actor's owner:

  • Being able to delete all the videos on an account at once
  • Possibility for admin to change one's password and automatically send the new one to the user
    • Set it as random-no-see so that the admin doesn't see it.

Ping @Chocobozzz

@Chocobozzz
Owner

@FirePowi good idea 👍 Please create separate issues

@Chocobozzz
Owner

@FlatEarthTruther Please create an issue 👍

@ser

ser commented Sep 11, 2020

In my opinion there should be a path to remove a user permanently.
It can involve some SQL from a command line, but having such a possibility is a must.

@alxlg

alxlg commented Dec 12, 2020

@Chocobozzz

Hi, could you please tell me how to do this from the server's CLI? I have just set up an instance but I used some nicknames for channels instead of users and vice versa and I would really like to fix this before opening the instance to the public. Thank you.

@Chocobozzz
Owner

Go in your database and run:

DELETE FROM actor WHERE "preferredUsername" = '...' and "serverId" is null;
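
The statement above, as an added example that is not part of the original reply or of PeerTube's code: it runs the same DELETE with a bound parameter inside a transaction and commits only when the expected number of rows was removed, showing that the "serverId" filter leaves a remote actor with the same handle untouched. The table is a constructed two-column stand-in in SQLite, the helper names are hypothetical, and it assumes a NULL "serverId" marks a local actor.

```python
import sqlite3

# Constructed stand-in for the actor table: only the two columns named in the
# statement above. SQLite is used so the example runs offline.
SCHEMA = """
CREATE TABLE actor (
  id INTEGER PRIMARY KEY,
  "preferredUsername" TEXT NOT NULL,
  "serverId" INTEGER            -- assumed: NULL marks a local actor
);
"""

def open_sample_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany(
        'INSERT INTO actor ("preferredUsername", "serverId") VALUES (?, ?)',
        [("alice", None),   # local actor left behind by a deleted user
         ("alice", 7),      # remote actor that happens to share the handle
         ("bob", None)],    # another local actor
    )
    db.commit()
    return db

def purge_local_actor(db, username, expected_rows=1):
    """Run the DELETE inside a transaction and commit only if it removed
    exactly `expected_rows` rows; otherwise roll back. Returns rows removed."""
    cur = db.execute(
        'DELETE FROM actor WHERE "preferredUsername" = ? AND "serverId" IS NULL',
        (username,),
    )
    if cur.rowcount != expected_rows:
        db.rollback()
        return 0
    db.commit()
    return cur.rowcount

def remaining(db):
    """List (preferredUsername, serverId) pairs still in the table."""
    query = 'SELECT "preferredUsername", "serverId" FROM actor ORDER BY id'
    return db.execute(query).fetchall()
```
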

@alxlg

alxlg commented Dec 13, 2020

@Chocobozzz thank you very much!

@germanfung

@Chocobozzz

Hi, can we hide or dim the button "Delete your account"?
I have set up PeerTube for the org. All internal users will log in using LDAP to watch and comment on videos only. However, I don't want them to delete their account accidentally, which would need me to jump into the db and delete the actor. Thanks

@mycloudmatrix

If the handle is going to go into a pool of unusable account names, this should be made explicitly clear when deleting a user. Most social apps have the ability to recover an account that's been deleted at least within a certain period. Certainly the root user of an instance should have the capacity to restore a user, otherwise we are not following the ethos of software freedom.

I believe there needs to be a way to restore a username, or have it returned to an available pool.
