-
Notifications
You must be signed in to change notification settings - Fork 0
Open
Labels
enhancementNew feature or requestNew feature or request
Description
If an unauthorized student accesses the attendance app (anyone in the momentumfrc slack can log in to attendance app as an unprivileged user), or if a mentor leaves the team, we should be able to remove their user account from the list of active users.
This is definitely a case for soft deletions, for two reasons:
- User ids are saved when students or attendance events are registered. We need the user corresponding to that id to persist, so we can verify who registered a student or attendance event, even if that individual has left the team and had their account deleted
- If a user is deleted, but then signs in again, we don't want to assign them a new user id. It's the same user, so they should have the same user id. This is only possible if user accounts are soft-deleted, so we can detect when a soft-deleted user signs in and we can re-activate their account instead of creating a new account.
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
enhancementNew feature or requestNew feature or request