Prevent Enterprise Users from deleting own account on GitLab.com
Problem to solve
In GitLab, a user has the option to delete their own account by going to Settings > Account. When this occurs, the user account is removed from the DB and has all their issues/MRs assigned to Ghost User. This might be problematic for instances with policies in place that require an auditable history for users. Once a user is deleted, there's no way of assigning certain Ghost User activity to a certain removed user.
Proposal
- This is an Enterprise Users feature, for GitLab.com only
- Introduce a setting to prevent users from being able to delete their own account.
- This does not need to be at an individual user level, and can be at a higher level.
- Enterprise Group Owners should be able to delete the user's account
What does success look like, and how can we measure that?
- Users should no longer be able to delete their own account.
- Instance administrators can still delete those accounts. (Since this is a GitLab.com only feature, this would require involving Support as well as all the requisite authenticity verification processes).
- Perhaps not tackled in this issue but the approach for this issue needs to be compatible with these requirements:
- Enterprise Group Owners can delete their Provisioned Users.
- Provisioned Users cannot delete their own accounts.
Links / references
@nischay.rathor
OP fromCurrently users can delete own account from account in profile sections (https://company-xyq.com/profile/account). This action also removes any personal projects. Currently we have no configuration setting to prevent it. In our organisation we want to prevent users from deleting own accounts.