Nodebb: Allow users to delete or "close" their accounts

I'm in favor with this but what will happen with the posts and threads? Depending on the account. It may or may not leave a mark.

Well from other websites I've seen such as Facebook and such, when a user
deletes or closes their account, it will simply say "A {site_title} User"
as the username in all of their posts and threads. I'm not sure if this has
been discussed before.

On Fri, Mar 28, 2014 at 2:34 PM, Quinton Marchi [email protected]:

I'm in favor with this but what will happen with the posts and threads?
Depending on the account. It may or may not leave a mark.

—
Reply to this email directly or view it on GitHubhttps://github.com/designcreateplay/NodeBB/issues/1284#issuecomment-38953379
.

Maybe the easiest way to do it would be a deleted flag (once again a soft delete) but in case the user would want to return in the future, just like FB? Then most of the functionality can be borrowed from the privacy features, maybe

Sounds good! So this will be reference here for the future depending on
whether or not you guys would like to implement this later.

On Fri, Mar 28, 2014 at 4:37 PM, psychobunny [email protected]:

Maybe the easiest way to do it would be a deleted flag (once again a soft
delete) but in case the user would want to return in the future, just like
FB? Then most of the functionality can be borrowed from the privacy
features, maybe

—
Reply to this email directly or view it on GitHubhttps://github.com/designcreateplay/NodeBB/issues/1284#issuecomment-38965345
.

Facebook has a 7 day wait on account deletion. Maybe let site operators set the time?

Would definitely put it in ACP as an option to either allow automatic delete of account. Or to require admin approval. Either way, I'd vote to leave posts untouched, just remove the links to the profile and the email address on file so they no longer receive any emails. The user doesn't technically exist in the db, but the posts remain, nothing worse than having a post deleted and not knowing half of the conversation.

I like what moot does, https://moot.it/manifesto/#permanent

@barisusakli I like it, with the ability to specify an edit time inside the ACP in minutes, 0 == disabled so you can always edit your posts for those that don't want the post lock.

Worth noting that reddit handles deleted account ownership of submissions/comments by replacing the username with a linkless [deleted] string. Would work to follow in those steps.

Hello... but, is there anyway to disable this feature?

Users deleted their posts after problem get solved, but I think these posts should last.

Thanks.

I am also in favour that even after account deletion, the posts must last in the db and on forum as a guest user. is this the case?

@FaizanZahid It appears that currently, when the admin deletes a user account, for example of a spammer, all the posts of the account are also deleted.

On the other hand, when users delete their own accounts without removing their posts first, then the posts are not deleted and keep the uid (user id number), appearing the removed user as _"Guest"_ on the posts.

I think it would be better as e.g. _"Guest 123"_, that is with the uid number, unique for each deleted user account.

totally agree with the unique 123 user id thing.

That's harder to do, as a "guest" account is just uid 0. We don't have the ability to maintain post history for guests, because... well, they're not users anymore!

We could possibly _fake_ it, in a way, by saving the old uid, but in general, users are deleted for a specific reason, no?

Also I should point out that admins have the choice of retaining posts or removing all posts when deleting a user via admin panel.

admins have the choice of retaining posts or removing all posts when deleting a user via admin panel.

@julianlam You are right, I've just tested it again and there are:

• Delete User(s)
• Delete User(s) and Content

The second is of course useful for spam accounts. The first option is useful when -for any reason such as privacy- a legitimate user wants her/his account removed by us instead of doing it her/himself, but agreeing to keep the useful posts.

We don't have the ability to maintain post history for guests, because... well, they're not users anymore!

I meant, even after the user account is deleted, when of course the user's database record is not there anymore, the post's database record still includes the user id.

For example, in my test, the post's record after deleting the user is the following:

{
    "_id" : ObjectId("5ab66b1b7865486708b0b196"),
    "_key" : "post:2578",
    "content" : "Testing...",
    "deleted" : 0,
    (...)
    "pid" : 2578,
    "tid" : 173,
    "timestamp" : 1521904411907.0,
    "uid" : 2839
}

I've created a user called _"Test User"_ (uid 2839), then published this post (pid 2578) with the short text _"Testing..."_, and deleted the user but not the post with the useful option you mentioned. It appears now as a _Guest_'s post.

The user's record is gone, but the post's record still contains the user's uid number. So the post could appear attributed to _"Guest 2839"_ instead of only _"Guest"_ for all past accounts.