Allow users to remove their account

Question

I am developing a gallery which allows users to post photos, comments, vote and do many other tasks.

Now I think that it is correct to allow users to unsubscribe and remove all their data if they want to. However it is difficult to allow such a thing because you run the risk to break your application (e.g. what should I do when a comment has many replies? what should I do with pages that have many revisions by different users?).

Photos can be easily removed, but for other data (i.e. comments, revisions...) I thought that there are three possibilities:

• assign it to the admin
• assign it to a user called "removed-user"
• mantain the current associations (i.e. the user ID) and only rename user's data (e.g. assign a new username such as "removed-user-24" and a non-existent e-mail such as "[email protected]"

What are the best practices to follow when we allow users to remove their accounts? How do you implement them (particularly in Rails)?

Answer 1

I've typically solved this type of problem by having an active flag on user, and simply setting active to false when the user is deleted. That way I maintain referential integrity throughout the system even if a user is "deleted". In the business layer I always validate a user is active before allowing them to perform operations. I also filter inactive users when retrieving data.

Answer 2

The usual thing to do is instead of deleting them from a database, add a boolean flag field and have it be true for valid users and false for invalid users. You will have to add code to filter on the flag. You should also remove all relevant data from the user that you can. The primary purpose of this flag is to keep the links intact. It is a variant of the renaming the user's data, but the flag will be easier to check.