zpanel / zpanelx

ZPanel is a web hosting control panel written in PHP for Windows and *NIX host OS's.
http://www.zpanelcp.com

User account not properly deleted. #129

Open h6w opened 10 years ago

h6w commented 10 years ago

On a zPanel 10.1.0 server upgraded to 10.1.1 yesterday.

Steps to replicate:
(1) Log in as the zadmin user
(2) Go to Reseller -> Manage Clients
(3) Enter the fields to create an account, click Save
(4) Log in as the user, add a domain
(5) Log in as the zadmin user again
(6) Delete the account, zadmin notifies that existing domain transferred to zadmin user.
(7) Go back to Reseller->Manage Clients
(8) Attempt to create the client again (with the same email address)

Expected Result:
(1) Previous domains should be listed in zadmin user.
(2) New (empty) client created.

Actual Result:
(1) Domains not listed under zadmin user.
(2) Error: "Another user account is already using this email address."

h6w commented 10 years ago

This may actually be two separate bugs. I just haven't yet had time to check to see if the domains are actually anywhere in the database. I strongly suspect that the transfer to the zadmin user failed, and the user still exists, but is disconnected from its domains.

TGates71 commented 10 years ago

(2) is not a bug. If you want to re-use client names, you will need to manually remove them from the database.

h6w commented 10 years ago

Perhaps a different way to look at this bug is: The client name/email address is not represented anywhere in the interface after it's deleted but remains in the database. Or: the account is not deleted but disabled.

We seem to be breaking a software engineering rule here. That being that if a key is required to be unique for the lifetime of the software, then it should be entirely independent and not user-defined. Users cannot see the underlying architectural consequences, they can only see what is shown to them via the interface.

ghost commented 10 years ago

This is a bug for me, as we could make a mistake creating an account and delete it. Then try a new account setup. It will fail mainly as the email EXISTS too even if you change the name.

The account can be kept in DB but the way the account creation checks if an account exists must exclude those with status deleted.

Same when retrieving passwords (lost password) and all related account functions.

You can't add another different account EVEN changing the user name but keeping the same email.

ghost commented 10 years ago

Lots of issues over this in support. I think we should try to fix it.

@bobsta63 I can't change these settings and offer a pull unless you agree, as it requires a change in DB or request to pull user infos/check them.

Me.B

TGates71 commented 10 years ago

Don't need change in DB, just the SELECT column FROM table WHERE deleted IS NULL statement. Rather simple (null being active accounts). Same goes with email address, domains/subs, alias, etc... although I would prefer to erase deleted accounts or move them aside (and all associated files/folders/logs/DBs) instead of loading up the server with them. Maybe a simple 'permanently remove' button in the client manager. I have an idea for this, 3 pages in client manager: active, add new and inactive. Inactive will have the permanently delete button (or backup elsewhere or something).
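
The check discussed in the comments above (account creation and lost-password lookups that ignore soft-deleted accounts), as an added example that is not part of the thread or of ZPanel's code. It uses Python's sqlite3 as a stand-in database; the `accounts` table, its columns and all function names are hypothetical.

```python
import sqlite3

# Hypothetical schema: the thread does not show ZPanel's real tables or columns.
SCHEMA = """
CREATE TABLE accounts (
    id         INTEGER PRIMARY KEY,  -- surrogate key, independent of user input
    username   TEXT NOT NULL,
    email      TEXT NOT NULL,
    deleted_ts INTEGER               -- NULL = active, timestamp = soft-deleted
);
-- SQLite partial index (engine-specific): at most one ACTIVE row per email,
-- enforced even if two requests pass the application check at the same time.
CREATE UNIQUE INDEX one_active_email ON accounts(email) WHERE deleted_ts IS NULL;
"""
ACTIVE = "SELECT id FROM accounts WHERE email = ? AND deleted_ts IS NULL"
# Pitfall: "= NULL" evaluates to NULL for every row, so this matches nothing.
BROKEN = "SELECT id FROM accounts WHERE email = ? AND deleted_ts = NULL"

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def active_account_id(db, email, query=ACTIVE):
    """Id of the active account using this email, or None."""
    row = db.execute(query, (email,)).fetchone()
    return row[0] if row else None

def create_account(db, username, email):
    if active_account_id(db, email) is not None:
        raise ValueError("Another user account is already using this email address.")
    cur = db.execute("INSERT INTO accounts (username, email) VALUES (?, ?)",
                     (username, email))
    return cur.lastrowid

def soft_delete(db, account_id, now):
    db.execute("UPDATE accounts SET deleted_ts = ? WHERE id = ? AND deleted_ts IS NULL",
               (now, account_id))

def password_reset_target(db, email):
    # Same filter as creation: a deleted account must never receive a reset link.
    return active_account_id(db, email)

if __name__ == "__main__":
    db = open_db()
    old = create_account(db, "client1", "client@example.test")  # constructed data
    soft_delete(db, old, now=1700000000)
    new = create_account(db, "client1", "client@example.test")  # succeeds after delete
    print(old, new, password_reset_target(db, "client@example.test"),
          active_account_id(db, "client@example.test", BROKEN))
```
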

nikola66 commented 10 years ago

@TGates71 ++++1 :) Agreed on the permanent delete option.

TGates71 commented 10 years ago

We will look into this guys. @Caffe1neAdd1ct

50l3r commented 10 years ago

@TGates71 +1 Waiting for update :)