Bug #25479
openUsers cleanup configuration is too strict on disabled users
Status: Pending release
Priority: N/A
Assignee:
Category: Web - Maintenance
Target version:
Pull Request:
Severity: Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility: Operational - other Techniques | Rudder settings | Plugins
Effort required: Very Small
Priority: 0
Name check: To do
Fix check: Checked
Regression: No
Description
The current default is 60 days for the rudder.users.cleanup.account.disableAfterLastLogin configuration property: any user that did not log in within a period of 60 days is disabled.
The disable reason is also empty in the users table (in the statushistory column):
{"actor": {"name": "rudder"}, "reason": "", "actionDate": "2024-09-17T10:00:00.000Z"}, "status": "disabled"}
We should set it to a longer period of time by default: 90 days, because users should be able to leave a Rudder instance unused for a longer period of time, as demonstrated by some client use cases.
The configuration value should still be modifiable, and the never value should be a supported one (documentation should be added in the configuration.properties.sample file).
Also, a known admin user should not be disabled.
We should also add a reason in the trace, e.g. "User did not login for too long" and log the disabling of users with a warning log (see also #25478).
Also, rudder.users.cleanup.account.deleteAfterLastLogin should only apply to already disabled users (therefore the value of 120.days seems reasonable).
We should also update the doc and sample for the configuration parameters.
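One reading of the cleanup rules proposed in this ticket, as an added Python example that is not Rudder's code. The value syntax accepted by `parse_period`, the user record fields, the function names, the deletion reason and the sample users are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

DISABLE_REASON = "User did not login for too long"  # wording suggested in the ticket
DISABLE_KEY = "rudder.users.cleanup.account.disableAfterLastLogin"
DELETE_KEY = "rudder.users.cleanup.account.deleteAfterLastLogin"

def parse_period(value):
    """Parse '90 days', '120.days' or 'never' (assumed syntax); None means never."""
    text = value.strip().lower()
    if text == "never":
        return None
    match = re.fullmatch(r"(\d+)[ .]?days?", text)
    if match is None:
        raise ValueError(f"unsupported period: {value!r}")
    return timedelta(days=int(match.group(1)))

def cleanup_action(user, now, disable_after, delete_after):
    """Return (action, reason); action is 'keep', 'disable' or 'delete'."""
    idle = now - user["last_login"]
    if user["status"] == "disabled":
        # Deletion only ever applies to accounts that are already disabled.
        if delete_after is not None and idle >= delete_after:
            return ("delete", "Disabled user did not login for too long")  # constructed
        return ("keep", "")
    if user["is_admin"]:
        return ("keep", "")  # a known admin is never auto-disabled
    if disable_after is not None and idle >= disable_after:
        return ("disable", DISABLE_REASON)  # the trace never carries an empty reason
    return ("keep", "")

def plan(users, now, props):
    """Map each user name to the (action, reason) the cleanup would take."""
    disable_after = parse_period(props[DISABLE_KEY])
    delete_after = parse_period(props[DELETE_KEY])
    return {u["name"]: cleanup_action(u, now, disable_after, delete_after) for u in users}

# Constructed sample data: idle time in days, relative to NOW.
NOW = datetime(2024, 9, 17, 10, 0, tzinfo=timezone.utc)
def sample_user(name, idle_days, status="enabled", is_admin=False):
    return {"name": name, "last_login": NOW - timedelta(days=idle_days),
            "status": status, "is_admin": is_admin}
USERS = [sample_user("alice", 70), sample_user("bob", 100),
         sample_user("admin", 200, is_admin=True),
         sample_user("carol", 130, status="disabled"), sample_user("dave", 130)]
PROPS = {DISABLE_KEY: "90 days", DELETE_KEY: "120.days"}

if __name__ == "__main__":
    for name, (action, reason) in plan(USERS, NOW, PROPS).items():
        print(f"{name}: {action} {reason}".rstrip())
```

With these values, an enabled account idle for 130 days is disabled rather than deleted, because deletion is only evaluated for accounts that are already disabled.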