Allow analysts to "merge" duplicate Login.gov accounts
Closed this issue · 3 comments
Issue description
For various (often good!) reasons, users delete their Login.gov account. After they make a new one with the same email, they're sometimes surprised they can't see their domains anymore.
When we identify that a user has multiple Login.gov accounts in the registrar, it should be easier for an analyst to "merge" accounts without giving them escalated privileges.
Merge is in quotes, since what's really happening is the legacy UUID is removed from a Domain request/Domain information/Domain, the new UUID is added to those things, and the legacy UUID is deleted.
Proposed solution
To solve this problem of merging accounts, let's add a button on the User page called "Transfer data from old account". An analyst or superuser can click the button on the object they want to receive the data. Clicking the button takes the user to a new view where there is a drop down to select the user who they want to source data from (i.e., the "legacy user"). Upon selecting and clicking a "preview" button, the user will see a side-by-side comparison of the two users to verify everything is correct with titles above each side (left should say "user to receive data" and right should say "user to lose data and be deleted"). This side by side comparison should include profile fields, created at date, last login date, domains, and domain requests. A button at the bottom called "transfer and delete old user" can then be clicked or a "back" button. Back should take them back to the original user, transfer and delete should transfer user domain roles, creator roles, permissions, etc to the receiving user. Once all are successfully transferred it then deletes the old user. After clicking this button a user should see a success message and all objects transferred to the receiving user. Error message should show if user can't be deleted.
Acceptance criteria
- "transfer data from old account" button is added to the User object and, when clicked, it takes you to a new view (like the analytics page does)
- the new view provides the drop down, side by side comparison and buttons as described above. User can easily switch the selected "outdated" user as needed.
- clicking the "transfer and delete old user" button should result in all connected objects being transferred from the outdated user to the receiving user. This should not include profile settings (as a user can update those) but should include transferring domain requests, portfolio, portfolio roles, user domain roles, permission, "creator" for domain info if applicable to this user, and any other field that could be linked to this user.
- user sees a modal to confirm their selection Prior to it being applied and can cancel the action
- Upon success the correct user is deleted
- success and error messages show
- Analyst and Superadmin groups/roles should be able to perform this action
Additional context
See Slack thread.
Links to other issues
No response
@Katherine-Osos or @witha-c may want to weigh in here on user flow and naming of buttons. Adding refinement so we can be sure to discuss this if we don't do so async
Thanks @abroddrick! I added some light readability edits.
I think this is close but definitely merits some refinement with design.
Moved to "Ready". It has been story pointed as well as categorized.