disable_user_deletion
643 sites
Security covered
User deletion is always a sensitive task for two key reasons:
- It can involve the deletion of content or changes to the content's authorization.
- There are two open core issues: potential content regressions (Issue 3089747) and errors in the ownership of revisions (Issue 2977362).
For these reasons, it is crucial to perform this action in a highly controlled manner.
This module allows you to enable or disable the two actions associated with user deletion:
- Delete the account and make its content belong to the Anonymous user.
- Delete the account and its content.
This helps prevent possible disasters in the production database.
In complex projects, the recommended process is to first test the user deletion in a staging environment. If everything works as expected, you can then proceed with the action in production.
How to configure
- Go to "/admin/config/disable_user_deletion/settings".
- Select the actions you would like to disable.
Disable Drush commands
To apply these restrictions to Drush commands, copy this code into the file "drush/Commands/PolicyCommands.php":
// Requires this import at the top of PolicyCommands.php:
// use Consolidation\AnnotatedCommand\CommandData;

/**
 * User cancel policy.
 *
 * @hook validate user:cancel
 *
 * @throws \Exception
 */
public function usercancellValidate(CommandData $commandData) {
  // Only validate if module 'disable_user_deletion' is enabled.
  // @phpstan-ignore-next-line
  if (\Drupal::service('module_handler')->moduleExists('disable_user_deletion')) {
    // @phpstan-ignore-next-line
    $config = \Drupal::config('disable_user_deletion.settings');
    // Block "drush user:cancel --delete-content" when deletion is disabled.
    if ($config->get('user_cancel_delete') && $commandData->input()->getOption('delete-content')) {
      throw new \Exception(dt('The option to delete users has been disabled, please contact the technical administrator.'));
    }
    // Block "drush user:cancel --reassign-content" when reassignment is disabled.
    if ($config->get('user_cancel_reassign') && $commandData->input()->getOption('reassign-content')) {
      throw new \Exception(dt('The option to reassign content has been disabled, please contact the technical administrator.'));
    }
  }
}
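The hook above only blocks Drush when the module is installed, both settings are on, and the policy file actually contains the hook. The following pre-deploy check is an added example, not part of the module: it verifies all three against an exported configuration directory. The script name, the sync directory layout and the exported value format ("true" or "1") are assumptions.

```shell
#!/bin/sh
# Added example: pre-deploy guard for the disable_user_deletion policy.
# Assumptions: SYNC_DIR holds the exported Drupal configuration, and a
# disabled action is exported as "true" or "1" (value format not confirmed).

# setting_enabled FILE KEY: succeeds when KEY is true/1 in FILE.
setting_enabled() {
  grep -Eq "^$2:[[:space:]]*(true|1)[[:space:]]*\$" "$1" 2>/dev/null
}

# check_user_deletion_policy SYNC_DIR POLICY_FILE
# Prints one line per finding and returns the number of findings.
check_user_deletion_policy() {
  sync_dir=$1
  policy_file=$2
  cfg="$sync_dir/disable_user_deletion.settings.yml"
  findings=0

  # Both cancel methods must be disabled in the exported settings.
  for key in user_cancel_delete user_cancel_reassign; do
    if ! setting_enabled "$cfg" "$key"; then
      echo "FAIL: $key is not set to true in $cfg"
      findings=$((findings + 1))
    fi
  done

  # The Drush hook is a no-op when the module is not installed.
  if ! grep -Eq '^[[:space:]]+disable_user_deletion:[[:space:]]*[0-9]+' \
      "$sync_dir/core.extension.yml" 2>/dev/null; then
    echo "FAIL: disable_user_deletion is not listed in core.extension.yml"
    findings=$((findings + 1))
  fi

  # The settings form does not cover Drush unless the validate hook exists.
  if ! grep -q '@hook validate user:cancel' "$policy_file" 2>/dev/null; then
    echo "FAIL: no user:cancel validate hook in $policy_file"
    findings=$((findings + 1))
  fi

  return "$findings"
}

# Run as: sh check_policy.sh config/sync drush/Commands/PolicyCommands.php
if [ "$#" -eq 2 ]; then
  check_user_deletion_policy "$1" "$2"
fi
```

A non-zero exit status is the number of failed checks, so the script can gate a deployment pipeline step directly.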