Suspend Accounts

[sammachin]

Description

As an admin I want to be able to suspend;

• • a users account,
• • a team
• • a single project

• such that they are unable to regain access

• a configurable message is displayed to the user on who to contact.

• The user(s) should be emailed this message as well.

• As an admin I should be able to choose if running projects are stopped and the configuration/data saved so that the account can be restored.

• Containers should be terminated so that minimal system resources are consumed by suspended accounts.

[sammachin]

MVP for V1 could be to just suspend a user account

[sammachin]

Dependent on #393

[sammachin]

This also would need #377 in some form for an admin to be able to suspend a project when suspending a user or a team

[hardillb]

If an admin suspends and account, how does this cascade down to teams and projects?

If the user is the single owner of a team then I can see all projects associated with that team are also suspended

If the user is one of many owners of a team, what then?

[sammachin]

For an initial iteration this should have no impact on teams or projects the account would be locked but other items would continue as is. The normal workflow would be for the admin to then separately suspend the projects if required.

[hardillb]

OK, next question, is the message to show unique to each user, or a single shared message for all users?

I'm going to default to a single message shared between all suspended users.

[sammachin]

A custom message would be preferable as that message should also be sent to the user when the account is suspended.

This would also remove the need to have a separate UI to configure the message as it can just be a modal text box as part of the suspend user workflow

[hardillb]

OK, so we need to store it until the user is reactivated or deleted as there may not be email to send the message and I assume we would show it again on an attempt to login

[sammachin]

Yes, its a short message thats stored against the user and shown to them when they attempt to login, if email is configured it should also be sent to the account when it is suspended.

[hardillb]

Initial attempt without any message sent/shown to the user (bar "User suspended" on login page) in PR #945

This is mainly to test the security aspects of this e.g. prevent login, remove current session.

[hardillb]

What reasons do we envision for suspending an account? Rather than free form text entry, how about a drop down list of reasons

e.g.

1. None Payment
2. Abuse (e.g. excessive network usage)
3. ...

[sammachin]

While we could probably come up with a list of reasons I'm not sure about hard coding the language in the messages into the application as we don't yet have enough experience and feedback on this.

A basic free text string would allow for much more flexibility here and allow for scenarios in the EE use case as well.

[hardillb]

I'm not necessarily suggesting hard coding, it's just that a free text field leads to problem with consistency and typos. I was thinking of pre-populating a list that could be edited by the admin.

But I also think that there is no point putting a lot of detail in the message, because once suspended the only way they are getting back in is to talk to the Admin/Support. E.g. if we suspend due to none payment then they can't log in to update the credit card details.

So a simple "Your account is suspended, talk to Admin/Support for details of why and how to get it re-enabled" should be enough.

[sammachin]

Additional config lists for admin is overkill here and just requires more setup, I agree that it would normally be a very simple message like above, but as an admin you would want to indicate how to contact someone, eg email admin@example.com, raise a ticket at https://support.example.com, call the helpdesk on x1234. Free text makes this the most flexible for EE deployments without adding too much configuration.

[hardillb]

How about something like the T&Cs link so the admin can supply a page that has contact information, we could include that link in the message and allows us to reuse it in other places in the UI?

[sammachin]

After a discussion we've decided the balance of flexibility and efficiency results in, suspended users will be shown a generic message: Your account has been suspended please contact $contact

Where $contact is a value that can be configured by the admin and parsed as either a URL (https:// or mailto:) or a plain text string.

This contact value will default to the email address of the initial admin user that is created on the system but can be modified.

The contact value may be used for other points in the system in future.