Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...DotNetNuke 5.1 User Accounts Not Actually Deleted?DotNetNuke 5.1 User Accounts Not Actually Deleted?
Previous
 
Next
New Post
7/31/2009 7:57 AM
 
Michael Washington


Michael Washington's Avatar

www.LightSwitchHelpWebsite.com
Joined: 7/17/2004
Posts: 3526

Sebastian Leupold wrote
 

...the best option would be an interface (event) as business layer API (which would even support different stores being used by core and module). 

I agree and I do not think this would be hard to do.

I see that people are asking "What should we do when we want to delete data when a module is deleted or users have been deleted"? The supported way is to create an event in the event scheduler. When your event runs it can perform a query to perform any clean up that you need.

I looked through my tutorials and only found one where I connect to a Core table directly without a disclaimer (to update the UserPortals table to add the user to the current portal). So if this breaks in a future DNN version it's on me :)

Even if DNN dropped the data provider model and went totally with Microsoft SQL it would have to make changes to the database schema from version to version.

 


Michael Washington
http://ADefWebserver.com
www.ADefHelpDesk.com
A Free Open Source DotNetNuke Help Desk Module
 
New Post
7/31/2009 9:12 AM
 
Jay Mathis


Jay Mathis's Avatar

Jay Mathis's Avatar

Joined: 10/11/2003
Posts: 155

I disagree strongly.

I am not making any assumption about the structure of the Users table or what might happen to it in the future beyond the fact that it will have a Primary Key called 'UserID'.  That is not unreasonable. 

In the case where a module needs information about the User it is entirely logical to assume the module will reference the User object and leverage the DNN Profile API instead ot duplicating User data in its own table and having to worry about syncing the same data across mutlple table.   It is also not unreasonable to assume that the module would want to keep referential integrity intact on any tables that included User related data such that if a User were deleted via the DNN API, that any data in third party modules would also be cascade deleted. 

There simply MUST be some mechanism by which a module developer can reference core entities such as User and know that when those entities are deleted using the frameworks API, that related data in custom modules will also be deleted correctly.  Unfortuntely, the framework provide no mechanism for hooking into that event so module developers are forced to rely in foreign key definitions to keep referential integrity intact. 

Also, as for the DB provider...  while I agree that its a great model, the reality is that probably 99.99% of all DNN installations are using SqlServer.  I do DNN consulting all day every day for thepast 6 years and I have yet to see a single client using anything other than SqlServer with DNN.   The reality is that of the hundreds (thousands?) of modules out there, almost none of them come with any other provider other than SqlServer.  While I am sure there are some outliers out there,  they are few and far between.  So while its great to talk about the theoretical model, it doesn't really match up with what has been implemented in reality.

Anyways, we can debate round and round about the proper way module developer SHOULD have been referencing and handling RI for core entities like Users or Modules, but the only thing we need to realize right now is the framework does not provide any functionality for hooking into a delete event for a core entity AND for the past 6 years, module developers have been handling this requirement by including foreign key constraints that cascade deletes based on the expected behavior of hard deletes on the User table.  For all of those modules, this is a breaking change and will prevent them from upgrading to DNN 5.1.    Simply saying all those hundreds of modules made a mistake and now any portal that used them are out of luck is not the proper response.  

I really only see two possible solutions:

1) Revert the bahavior back to hard deletes

2) Complete the feature set of providing soft deletes by including the functionality to A) clear out sof deleted records similar to the Recycle Bin and B) restore records that have been soft deleted.  Withouth this basic level of functionality, having soft deletes is not very useful.

I suggest #1 until #2 can be completed.
 
New Post
7/31/2009 9:44 AM
 
mikez


www.MIKEZ.com
Joined: 8/8/2003
Posts: 154

To add to the debate...
Soft user delete is an unfinished feature.  I looked thru the code and there are significant code changes to implement this feature so far.  There has to be a roadmap detailing the final goal.  I suspect that this was implemented to satisfy a PE user.  This will adversely affect PE & CE users.

I'll ask the question again:
What is the "Practical" difference between "unauthorized" and "soft user delete"? 

Here is some code to "undelete" a user.

Dim objuser As UserInfo = Nothing
objuser = UserController.GetUserByName(PortalId, "joe")
If objuser.IsDeleted Then
   objuser.IsDeleted = False
   UserController.UpdateUser(PortalId, objuser)
End If

When you "undelete" an unauthorized user that was deleted, the account is still unauthorized after it is undeleted.


mikez

 
 
New Post
7/31/2009 9:57 AM
 
Jay Mathis


Jay Mathis's Avatar

Jay Mathis's Avatar

Joined: 10/11/2003
Posts: 155

Thats a great point Mikez

From any use case I can imageine, 'Unauthorize' provides all the same functionality as a soft delete...   The user record remains but the person has no access.
 
New Post
7/31/2009 10:08 AM
 
Jay Mathis


Jay Mathis's Avatar

Jay Mathis's Avatar

Joined: 10/11/2003
Posts: 155

Also, to Micheal's point about the provider model, nothing about what I doing violates the provider model.

Every DB has some way of enforcing referential integrity at the DB level.  For SqlServer, this is defining a foreign key with Casase Delete.  For mySql, maybe its creating a Trigger.   Either way, the method will rely on a Primary Key (UserID) of the table in question.

Also, it is not really reasonable for modules to move referential integratity logic up to the business logic layer in a scheduled job when that is what the DB is designed and optimized for.   I can imagine a scenario where you might have dozens of modules installed, each with their own scheduler job to enfore referential integrity.   In a high traffic site that might need real time updates, you would have to run those jobs contantly.    DNN performance has always been a sticky point with client and we certainly don't need to adding a whole bunch of overhead via scheduled jobs to handle something that can be handled at the DB level much more efficiently.

 
 
 Page 4 of 7
Previous12345...7Next 
Previous
 
Next
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...DotNetNuke 5.1 User Accounts Not Actually Deleted?DotNetNuke 5.1 User Accounts Not Actually Deleted?


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out