The admin should be able to de-activate an existing user in their organization so that when people leave they can be removed from seeing senstive financial data
Opened this issue · 7 comments
Acceptance Criteria:
- Should have a button in the Admin panel in front of all users that de-activates them
- Should not be able to de-activate themselves
- A member should not be able to de-activate an admin
- Should show a confirmation screen before de-activating the user to avoid accidental clicks
- Should not remove the user from the system and should merely soft-delete / mark them as inactive
- Should show only active users in
All Users
- Should ensure that a de-activated user can not login anymore.
Could you please assign this issue to me? Thanks!
@kitallis @dvenkatr I had added the soft-delete
functionality. There's a trash-can
icon that appears for each user which when clicked does the soft deletion for that user and removes them from the view. However, the All Users
view, when loaded on its own displays this deleted user with a de-activated
status.
We will either have to choose between:-
1> Only displaying active
users. Removing the user on deletion would be consistent with this.
2> Displaying both active
and de-activated
users. In which case, we'll need to change the post-delete display show that the deleted user is displayed as de-activated
and not removed.
I'm in favor of 1.
2 can be confusing for the admin. Either the admin will be interested in actions pertaining to active
users or de-activated
ones but not both together. Hence the UI should be task/status-specific and optimized for the more expected/usual case. Also 2 can lead to the admin mistakenly deleting an already deleted user. This won't cause problems but it's best we make the UI restricted to prevent it.
I suggest 1 with future modifications to toggle the All Users
between active
and de-activated
with possible actions (Delete
, Re-activate
) appearing contextually.
1 would also address #13
If we go ahead with 1, we can remove the status
from display as it becomes redundant then.
@kitallis @dvenkatr I had added the
soft-delete
functionality. There's atrash-can
icon that appears for each user which when clicked does the soft deletion for that user and removes them from the view. However, theAll Users
view, when loaded on its own displays this deleted user with ade-activated
status.We will either have to choose between:-
1> Only displayingactive
users. Removing the user on deletion would be consistent with this.
2> Displaying bothactive
andde-activated
users. In which case, we'll need to change the post-delete display show that the deleted user is displayed asde-activated
and not removed.I'm in favor of 1.
2 can be confusing for the admin. Either the admin will be interested in actions pertaining toactive
users orde-activated
ones but not both together. Hence the UI should be task/status-specific and optimized for the more expected/usual case. Also 2 can lead to the admin mistakenly deleting an already deleted user. This won't cause problems but it's best we make the UI restricted to prevent it.I suggest 1 with future modifications to toggle the
All Users
betweenactive
andde-activated
with possible actions (Delete
,Re-activate
) appearing contextually.1 would also address #13
If we go ahead with 1, we can remove the
status
from display as it becomes redundant then.
1.
sounds like the best option to me. I also agree that re-activation can be tackled later (or not at all at the moment).
Should only admins be able to de-activate other users (and admins)? I think that should be the case. Thoughts?
@murtaza0xFF Yes, this ability should be available for only admins. Other users should not even be seeing this option.
More so, the Admin
tab should not be visible for non-admin users. That will take care of this.