View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0003116 | mantisbt | bugtracker | public | 2003-04-09 14:53 | 2023-05-04 16:23 |
Reporter | hacker | Assigned To | dregad | ||
Priority | normal | Severity | major | Reproducibility | always |
Status | closed | Resolution | unable to reproduce | ||
Summary | 0003116: If a user reports a bug, and gets purged for inactivity, updating the bug changes the username | ||||
Description | If a user reports a bug, and goes inactive for a year or some period of time, and their account gets purged for inactivity, updating the bug report that they've created will reset the Reporter field for that bug to the very first user in the alphabetical list of usernames, AND send the reporter email to that NEW user. | ||||
Steps To Reproduce |
| ||||
Additional Information | I'm not sure if there's a way to set the Reporter field to nothing, or perhaps display a warning page, and set the Reporter field to the "Guest" account or something (a "generic" catch-all user?), but sending the wrong user an email for a bug they never reported is probably bad too ;) | ||||
Tags | No tags attached. | ||||
related to | 0010141 | feedback | Disabled users are no more liste in filter | |
related to | 0008309 | closed | dregad | 'update' changes 'Reporter' and 'Assigned To' |
has duplicate | 0003260 | closed | jlatour | Delete/disabling a reporter causes bug reported by them to move to another user as reporter |
has duplicate | 0005736 | closed | thraxisp | Don't delete name of user if user is removed |
has duplicate | 0005784 | closed | thraxisp | Reported field updated with incorrect user |
has duplicate | 0003413 | closed | thraxisp | Deleting users causes confusion in old bugs |
has duplicate | 0005071 | closed | thraxisp | issue with deleting and disabling users |
related to | 0003819 | closed | dregad | delete currently logged user |
related to | 0007224 | closed | vboctor | "Update issue" and "move" is not good in some casses |
related to | 0007260 | new | Moving multiple issues from an obsolete user to an existing user | |
child of | 0004181 | closed | Features in Mantis 1.1 release |
Confirmed with 0.18.a4 and the latest CVS. A protected 'nobody' account must be created and when a user is deleted, all his bugs must be changed to this account. |
|
If a user is deleted, his/her identity should be returned by concatinating a prefix with the user id. Following is the code that handles this in user_api.php: function user_get_name( $p_user_id ) {
} The same behaviour should be done whereever necessary. |
|
This approach certainly helps noticing when a user was deleted, but wouldn't it be better to preserve relational integrity? We already delete records related to his/her id in the preferences table for example. |
|
Would you want to delete bugs reported by users when the user click "Purge inactive users"? I don't think this is a good idea. If we care about integrity, then we can have a script which recreated these users. Or recreate them as they are references and not found. |
|
Records which do not affect the tracker's purpose, like user preferences should be deleted. Important records like bugs for example should not be deleted. However, I think it is not the best practice to have orphan references in the database since one always expects the database to keep its relational integrity. I think the reporter's proposal of a catch-all account is the most reasonable way to deal with the situation, in addition to the present code to gracefully manage the cases when orphan key references are in fact present (on installs that have been upgraded from previous Mantis versions for example). |
|
What does this "Sponsoreship" mean ... isn't this a "vote" feature like bugzilla's vote feature? How can I remove sponsorship? |
|
please delete my sponsorship |
|
gwagenknecht, you can remove your sponsorship by setting the sponsorship amount to 0. |
|
IMHO, we should not be deleting users at all. Disabling them locks the account and nothing new can be added. They are no longer listed in any of the active lists (reporters, etc). This has the advantage of keeping the name displays intact until someone wants to change the associated user. |
|
I do agree with thraxisp. We could "logically" delete a user. If a user is just inactive, so it appears in users list (as inactive). We may have so, in admin/system_utils.php, a way to list all "deleted" users and :
|
|
Just to point out - the original problem also occurs if the user is disabled. Perhaps the reported by list should list all users in the system, even disabled ones? |
|
This is not reproducible in the latest release. |
|