You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Approach: we could add is_disabled boolean field to users db, false by default. Then, we add a default_scope, which is is_active: false to User model. It's usually an antipattern, but in this case since we'll have to use it like in 90% of cases, should be okay.
Then, we'll exclude that default scope in /admin/users, and add a field - checkbox is_disabled to the edit user form.
Ticket: CrisisCleanup#387
* Added `is_disabled` boolean field to `users` table, `false` by default.
* Added a `default_scope`, which is `is_active: false` to `User` model.
It's usually an antipattern, but in this case since we'll have to use
it like in 95% of cases, it should be okay.
* Excluded that default scope in `Admin::UsersController`'s actions
* Added the column `is_disabled` to the User's databable in `datatable.js`
field, and also the checkbox `is_disabled` to the edit user form.
Testing:
* I've clicked through the site, found those places where we have users
list:
* /admin/users
* /worker/my-organization
* /worker/incident/:iid/organizations/:oid
I think that's it. Everywhere there the disabled user was not listed
Also
* Made sure after disabling you can't log in anymore.
* You still can send an invitation to signup to the same email, that was
disabled, but if you try to signup, it fails silently. Would be nice
to improve error messaging there, but for now it's out of scope of
this PR.
* You still can see an invitation in `/worker/my-organization`, even if
user was disabled. I guess that's fine, what do you think?
Other that that, it seems to be working, unless I missed something. :)
The system currently has no way to de-activate a user. We need to have that setting that prevents access and hides them form lists everywhere.
The text was updated successfully, but these errors were encountered: