Open RichardTaylor opened 4 years ago
Wouldn't we want to keep the email address though, to enforce the ban?
If we anonymise the email address the user would be able to sign up again using the same email address.
This isn't that easy at the moment, because we do want to show the user profile when an account is temporarily suspended. "Ban for spamming" just updates User#ban_text
with a pre-set phrase.
I think we need to tackle https://github.com/mysociety/alaveteli/issues/3148#issuecomment-428232578 first, so that we have a better set of options for handling this type of thing.
I think when we click "Ban for spamming" we also want to close an account, and only show the profile page if the account is not "closed".
Adding Right to Know (Australia) vote to this request :)
When the "ban for spamming" button is pressed the user's profile should no longer be shown publicly.
I don't know if I'm reporting a bug here or making a feature request.
Their username should probably also become name removed, and their email address anonymised.
Consider what data we need to record to understand and tackle spam. If we don't want to collect data we could presumably just destroy these accounts? Retaining the accounts is presumably for data collection, enabling the reversal of mistakes, and internal accountability/tracking?
Related #5171 "Do not display profile photo for banned users" which I think refers to "banned for spamming" too.