Allow deletion of Pending User, not yet activated
|Category:||Accounts / authentication|
- fill the description as detailed as you can, don't hesitate to describe precisely how this feature should behave, try to add what benefits you're excepting from it
There should be two delete control's right next to the Activate control for each registered user. These two controls should both delete the registered un-activated user. One control deletes the user and sends an email saying the account request has been declined, the other control deletes the request silently, without sending an email.
Alternately, it should be possible to use a check mark box arrangement where you can select multiple/all pending un activated users for either one of the delete actions (with our without email notification).
Today - robotic attempts to get an account forever occupy the registered user list, making it hard to find valid new user requests. There is no good reason to keep invalid registration attempts in the database forever, and many good reasons to allow their deletion.
#3 Updated by Bill Richardson over 8 years ago
Hi, new to Redmine...
A necessary addition to the above feature is "resend activation email". I've written account activation systems from scratch for several customers, and there are always users who call/write and say "I didn't get my activation", usually due to spam blocking. Admins need the ability to resend the activation from the pending user record. Otherwise, we have to delete the user and start over, or worse yet, tell the user they're SOL and need to sign up again with a new email address.
#5 Updated by Bill Richardson over 8 years ago
Regarding the 'resending account activation' comment above, I've added a new feature issue to handle further discussion on this topic. I've also included a simple workaround for resending account activations. Find it here:
#6 Updated by Anthony Cartmell about 8 years ago
Being able to delete never-activated users would be most useful. If a user is in the "registered" state, they can't have done anything yet: so it must be safe to delete them from the users table, thus freeing up their email address, username, etc. for someone else to use.