Users that are marked as deleted, can be fined. This has already happened with production user 1907. This seems to be caused by the fact that deleted users are included in the GET /balances/all response, but this probably should not be the case. Their balance is however cached, which I think is fine?
To fix, deleted users should not be included in the BalanceService.getBalances repsonse, as this method is also included in the execution pipeline to calculate and hand out fines. Seems to be an easy fix (a simple WHERE clause). However, the BAC treasurer should also check which deleted people received a fine and waive these, because they have no way to pay their fine.
Users that are marked as
deleted
, can be fined. This has already happened with production user1907
. This seems to be caused by the fact that deleted users are included in theGET /balances/all
response, but this probably should not be the case. Their balance is however cached, which I think is fine?To fix, deleted users should not be included in the
BalanceService.getBalances
repsonse, as this method is also included in the execution pipeline to calculate and hand out fines. Seems to be an easy fix (a simple WHERE clause). However, the BAC treasurer should also check which deleted people received a fine and waive these, because they have no way to pay their fine.