Bug #25479
Updated by Clark ANDRIANASOLO 2 months ago
The current default is @60 days@ for the @rudder.users.cleanup.account.disableAfterLastLogin@ configuration property : any user that did not log in a period of 60 days are disabled.
The disable reason is also empty in the users table (in the statushistory column) :
<pre>
{"actor": {"name": "rudder"}, "reason": "", "actionDate": "2024-09-17T10:00:00.000Z"}, "status": "disabled"}
</pre>
We should set it to a longer period of time by default : @90 days@, because users should be able to leave a Rudder instance unused for a longer period of time, as demonstrated by some client use cases.
The configuration value should still be modifiable, and the *@never@* value should be a supported one (a documentation should be added in the @configuration.properties.sample@ file).
Also, a known admin user should not be disabled.
We should also add a reason in the trace, e.g. "User did not login for too long" and log the disabling of users with a warning log (see also #25478).
Also, @rudder.users.cleanup.account.deleteAfterLastLogin@ should only apply on already disabled users only (therefore the value of 120.days seems reasonable)
We should also update the doc and sample for the configuration parameters.