search

BookStackApp / BookStack

A platform to create documentation/wiki content built with PHP & Laravel
https://www.bookstackapp.com/
MIT License
15.03k stars 1.88k forks source link

Add ability to disable user account #3564

Open mlipok opened 2 years ago

mlipok commented 2 years ago

Describe the feature you'd like

I have one employee which leave my company. I need to set him as disabled. I do not want to delete this account. As I still want to see all refereneced changes, and have possibility to restore him if he back to me.

Something like acccount deactivation should be possible.

The same to set Vacation mode to disable access for specific time period also should be possible.

Describe the benefits this would bring to existing BookStack users

It will be in line with the general direction of development of CRM / HelpDesk applications.

Can the goal of this request already be achieved via other means?

I do not think so.

Have you searched for an existing open/closed issue?

How long have you been using BookStack?

1 to 5 years

Additional context

none

ssddanbrown commented 2 years ago

Thanks for the request @mlipok. I'd consider the "vacation mode" part somewhat as an extension of the core request to disable users, so I have updated the issue title to instead focus on the disabling part.

Describe the benefits this would bring to existing BookStack users It will be in line with the general direction of development of CRM / HelpDesk applications.

This is not a benefit I'd generally accept as a driver for a feature, since this reasoning could be used to request many features that may be unsuitable, and I don't want to follow other systems for the sake of it. That said, I tihnk you've explained the benefits in the section above, which I'd summarise as: "Access could be easily disabled without loss of account references and metadata within the system".

Can the goal of this request already be achieved via other means? I do not think so.

Depending on authentication method used, you could alter the email/name/auth-id/password of the user account to effectively prevent their login while retaining the account. Some careful considerations may be needed to ensure they can't use a recovery mechanism or an alternate auth method to regain access.

mlipok commented 2 years ago

I'd consider the "vacation mode" part somewhat as an extension of the core request to disable users, so I have updated the issue title to instead focus on the disabling part.

Yes. But in fact my intention was to have one or both feature. Maybe I should make separate Request for "Vacation mode" ?

mlipok commented 2 years ago

That said, I tihnk you've explained the benefits in the section above, which I'd summarise as: "Access could be easily disabled without loss of account references and metadata within the system".

This is in fact better descriptions. Thanks.

Depending on authentication method used, you could alter the email/name/auth-id/password of the user account to effectively prevent their login while retaining the account. Some careful considerations may be needed to ensure they can't use a recovery mechanism or an alternate auth method to regain access.

Ah. Thanks. I will try this. However, this is a trick workaround ;)

Atmis commented 1 year ago

I second that request. We have someone who left the company, and we want to keep the references. So far, I have changed the user password with a random long and complex one, but it would be easier to just disable the user. We should then be able to filter the user list to only show active users. Thank you for your fantastic work!

kassemz commented 1 year ago

Having this feature would be good.

Maybe add it as a able to login permission or something similar that can be added/removed from roles?

Man-in-Black commented 4 months ago

I'm also stumbling across this feature, because some poeple left the company and I want to maintain their metadata. This would be very easy from the frontend if there is a checkbox "login enabled" or something like this.