nilenso/kulu-backend

The admin should be able to de-activate an existing user in their organization so that when people leave they can be removed from seeing sensitive financial data

Opened this issue · 7 comments

Acceptance Criteria:

  • Should have a button in the Admin panel in front of all users that de-activates them
  • Should not be able to de-activate themselves
  • A member should not be able to de-activate an admin
  • Should show a confirmation screen before de-activating the user to avoid accidental clicks
  • Should not remove the user from the system and should merely soft-delete / mark them as inactive
  • Should show only active users in All Users
  • Should ensure that a de-activated user cannot log in anymore.

Could you please assign this issue to me? Thanks!

@kitallis @dvenkatr I had added the soft-delete functionality. There's a trash-can icon that appears for each user which, when clicked, does the soft deletion for that user and removes them from the view. However, the All Users view, when loaded on its own, displays this deleted user with a de-activated status.

We will have to choose between:
1> Only displaying active users. Removing the user on deletion would be consistent with this.
2> Displaying both active and de-activated users. In which case, we'll need to change the post-delete display so that the deleted user is displayed as de-activated and not removed.

I'm in favor of 1.
2 can be confusing for the admin. Either the admin will be interested in actions pertaining to active users or de-activated ones but not both together. Hence the UI should be task/status-specific and optimized for the more expected/usual case. Also 2 can lead to the admin mistakenly deleting an already deleted user. This won't cause problems but it's best we make the UI restricted to prevent it.

I suggest 1 with future modifications to toggle the All Users between active and de-activated with possible actions (Delete, Re-activate) appearing contextually.

1 would also address #13

If we go ahead with 1, we can remove the status from display as it becomes redundant then.

@kitallis @dvenkatr Re-activation should perhaps be a separate issue and left out of scope from this?

Done with

Also takes care of #13

1. sounds like the best option to me. I also agree that re-activation can be tackled later (or not at all at the moment).

Should only admins be able to de-activate other users (and admins)? I think that should be the case. Thoughts?

@murtaza0xFF Yes, this ability should be available for only admins. Other users should not even be seeing this option.
More so, the Admin tab should not be visible for non-admin users. That will take care of this.