
Support disabling accounts
Open, Normal, Public

Description

Overview

Admins should be able to disable access to an account. This should:

  • Make the user's blogs and posts inaccessible to the world
  • Prevent the user from creating new posts or blogs
  • Still allow them to log in, so they can e.g. export their data
  • Update the user count via Write.as Teams API

A suspended user shouldn't count towards an instance's count of active users. So: reflect this in NodeInfo and the count sent to Write.as Teams API.

Implementation

When an admin suspends another user, we should insert into the userattributes table:

  • user_id = {suspended user's ID}
  • attribute = 'suspended'
  • value = '1'

Now, on the viewing side:

  • Make the user's blogs and posts inaccessible to the world

In collection viewing handlers -- via web, API, and ActivityPub -- do this:

SELECT 1 FROM userattributes WHERE user_id = {collection.ownerID} AND attribute = 'suspended' AND value = '1'

(NOTE: See existing funcs in database.go for how we create a helper func for this.) If that returns a row, return a 404 for the collection / collection post.

  • Prevent the user from creating new posts or blogs

When publishing or updating posts, again check if the user is suspended, as above, and return a 403 Forbidden if they are.

  • Still allow them to log in, so they can e.g. export their data

(No additional development needed here.)
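
The checks described above, sketched in Go as an added example (not WriteFreely's own code): a helper runs the `userattributes` query, and a wrapper returns a bare 404 on view routes and 403 on publish routes while leaving export reachable. The `lookup` type, `guard`, `statusFor`, the route paths and the `?` placeholder style are assumptions; a failed lookup fails closed with a 500 instead of serving content.

```go
package main

import (
	"database/sql"
	"fmt"
	"net/http"
	"net/http/httptest"
)

type lookup func(userID int64) (bool, error) // hypothetical helper type

// isSuspendedSQL runs the task's query; `?` placeholders are an assumption.
func isSuspendedSQL(db *sql.DB, id int64) (bool, error) {
	err := db.QueryRow(`SELECT 1 FROM userattributes WHERE user_id = ?
		AND attribute = 'suspended' AND value = '1'`, id).Scan(new(int))
	if err == sql.ErrNoRows {
		return false, nil // no row: not suspended
	}
	return err == nil, err
}

// guard sends a bare status for suspended users; lookup errors fail closed.
func guard(isSuspended lookup, id int64, status int, next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		switch suspended, err := isSuspended(id); {
		case err != nil:
			w.WriteHeader(http.StatusInternalServerError)
		case suspended:
			w.WriteHeader(status)
		default:
			next(w, r)
		}
	}
}

// statusFor sends one request through hypothetical routes owned by user id.
func statusFor(isSuspended lookup, id int64, method, path string) int {
	ok := func(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, "ok") }
	mux := http.NewServeMux()
	mux.HandleFunc("/blog/", guard(isSuspended, id, http.StatusNotFound, ok))
	mux.HandleFunc("/api/posts", guard(isSuspended, id, http.StatusForbidden, ok))
	mux.HandleFunc("/me/export", ok) // login and export stay reachable
	rec := httptest.NewRecorder()
	mux.ServeHTTP(rec, httptest.NewRequest(method, path, nil))
	return rec.Code
}

func main() { // constructed data: only user 2 is suspended
	fmt.Println(statusFor(func(id int64) (bool, error) { return id == 2, nil }, 2, "GET", "/blog/outbox"))
}
```

With a real database handle, the lookup passed to `guard` would be `func(id int64) (bool, error) { return isSuspendedSQL(db, id) }`, with `id` resolved per request from the collection owner on view routes and from the authenticated user on publish routes.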

Related Objects

Status   Assigned       Task
Open     None
Open     None
Open     robjloranger

Event Timeline

matt created this task. Jun 28 2019, 1:28 PM
matt moved this task from Far Future to Next Release on the WriteFreely board. Jul 2 2019, 2:35 PM
matt updated the task description. Tue, Aug 27, 3:37 PM
matt assigned this task to robjloranger.
matt added a comment. Tue, Aug 27, 7:06 PM

Another thing to note: suspended users shouldn't show up in the Reader view.

For activity pub related endpoints, should it just be:

  • outbox
  • inbox
  • following
  • followers

matt added a comment. Wed, Aug 28, 7:08 PM

Right, those are all of them. And they only need to return the 404 status, not any other data.