Add ability to disable user account

[mlipok]

Describe the feature you'd like

I have one employee which leave my company. I need to set him as disabled. I do not want to delete this account. As I still want to see all refereneced changes, and have possibility to restore him if he back to me.

Something like acccount deactivation should be possible.

The same to set Vacation mode to disable access for specific time period also should be possible.

Describe the benefits this would bring to existing BookStack users

It will be in line with the general direction of development of CRM / HelpDesk applications.

Can the goal of this request already be achieved via other means?

I do not think so.

Have you searched for an existing open/closed issue?

• [X] I have searched for existing issues and none cover my fundemental request

How long have you been using BookStack?

1 to 5 years

Additional context

none

[ssddanbrown]

Thanks for the request @mlipok. I'd consider the "vacation mode" part somewhat as an extension of the core request to disable users, so I have updated the issue title to instead focus on the disabling part.

Describe the benefits this would bring to existing BookStack users It will be in line with the general direction of development of CRM / HelpDesk applications.

This is not a benefit I'd generally accept as a driver for a feature, since this reasoning could be used to request many features that may be unsuitable, and I don't want to follow other systems for the sake of it. That said, I tihnk you've explained the benefits in the section above, which I'd summarise as: "Access could be easily disabled without loss of account references and metadata within the system".

Can the goal of this request already be achieved via other means? I do not think so.

Depending on authentication method used, you could alter the email/name/auth-id/password of the user account to effectively prevent their login while retaining the account. Some careful considerations may be needed to ensure they can't use a recovery mechanism or an alternate auth method to regain access.

[mlipok]

I'd consider the "vacation mode" part somewhat as an extension of the core request to disable users, so I have updated the issue title to instead focus on the disabling part.

Yes. But in fact my intention was to have one or both feature. Maybe I should make separate Request for "Vacation mode" ?

[mlipok]

That said, I tihnk you've explained the benefits in the section above, which I'd summarise as: "Access could be easily disabled without loss of account references and metadata within the system".

This is in fact better descriptions. Thanks.

Depending on authentication method used, you could alter the email/name/auth-id/password of the user account to effectively prevent their login while retaining the account. Some careful considerations may be needed to ensure they can't use a recovery mechanism or an alternate auth method to regain access.

Ah. Thanks. I will try this. However, this is a trick workaround ;)

[Atmis]

I second that request. We have someone who left the company, and we want to keep the references. So far, I have changed the user password with a random long and complex one, but it would be easier to just disable the user. We should then be able to filter the user list to only show active users. Thank you for your fantastic work!

[kassemz]

Having this feature would be good.

Maybe add it as a able to login permission or something similar that can be added/removed from roles?