apache
feat(users): user deletion to allow for asset reassignment and the option for a soft/hard delete
SUMMARY
Fixes: https://github.com/apache/superset/issues/13345 When trying to delete a user, the error message "Associated data exists, please delete them first" appears. Even with all the charts and dashboards created by the user being deleted, the user being set as inactive, and their role setting deleted, it is not possible to delete the user.
Our changes involve:
- Frontend UI changes and new backend API endpoints for asset reassignment (dashboards, charts, saved queries)
- FK constraint rule modifications for hard deletion
- New
ab_usercolumns to support soft deletion
Regarding a user's action logs after they are deleted:
- Hard deletion will result in the user's PII to disappear from the logs
- Soft deletion will result in the user's username to stay intact in the logs
BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
Deletion UI before:
Deletion UI after:
TESTING INSTRUCTIONS
- Login as an admin
- Create a new user
- Login as the new user and create assets such as dashboards/charts/saved queries
- Login as admin and attempt to delete the user from the "List Users" page
- You will be prompted to reassign the user's assets, and choose whether or not to perform a soft delete (this option allows for future retrieval of this user's account from the database if needed)
ADDITIONAL INFORMATION
- [x] Has associated issue: https://github.com/apache/superset/issues/13345
- [ ] Required feature flags:
- [x] Changes UI
- [x] Includes DB Migration (follow approval process in SIP-59)
- [x] Migration is atomic, supports rollback & is backwards-compatible
- [x] Confirm DB migration upgrade and downgrade tested
- [x] Runtime estimates and downtime expectations provided
- Migration adds a nullable column - near-instant on all databases
- Migration adds a boolean column (with default value) to the
ab_usertable - near-instant on all databases - Zero downtime - existing queries continue to work
- [x] Introduces new feature or API
- [ ] Removes existing feature or API
Codecov Report
:x: Patch coverage is 43.44262% with 69 lines in your changes missing coverage. Please review.
:white_check_mark: Project coverage is 48.03%. Comparing base (341ae99) to head (41ad93b).
:warning: Report is 64 commits behind head on master.
Additional details and impacted files
@@ Coverage Diff @@
## master #36342 +/- ##
===========================================
+ Coverage 0 48.03% +48.03%
===========================================
Files 0 638 +638
Lines 0 46933 +46933
Branches 0 5096 +5096
===========================================
+ Hits 0 22544 +22544
- Misses 0 23738 +23738
- Partials 0 651 +651
| Flag | Coverage Δ | |
|---|---|---|
| hive | 43.74% <43.44%> (?) |
|
| presto | 47.33% <43.44%> (?) |
|
| python | 48.03% <43.44%> (?) |
|
| unit | 100.00% <ø> (?) |
Flags with carried forward coverage won't be shown. Click here to find out more.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
:rocket: New features to boost your workflow:
- :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
- :package: JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
Thank you for the PR, @jl141! I believe this feature would benefit from a SIP that aligns with and complements SIP-27: Proposal for Paranoid Deletes. Implementing soft deletion will impact several areas in Superset where users are referenced, such as datasets, charts, dashboards, and saved queries. Additionally, there’s an important distinction between items that can be reassigned and those that cannot—like log entries.
