We do not recommend that you setup new ChiliProject instances and we urge all existing users to migrate their data to a maintained system, e.g. Redmine. We will provide a migration script later. In the meantime, you can use the instructions by Christian Daehn.

## User deletion does not work

Hi,

First of all, a big thanks for your work. We use Chiliproject for Orekit [https://www.orekit.org/forge/], a free low-level space dynamics library distributed under Apache v2.0 license, and all contributors are satisfied with it.

But we have a little issue with the user account deletion. It fails with the following error:

403You are not authorized to access this page.

The following message appears in the log file:

Processing UsersController#destroy (for xx.xx.xx.xx at 2013-02-27 15:16:28) [DELETE]  Parameters: {"back_url"=>"/forge/users?c%5B%5D=login&amp;c%5B%5D=firstname&amp;c%5B%5D=lastname&amp;c%5B%5D=mail&amp;c%5B%5D=admin&amp;c%5B%5D=created_on&amp;c%5B%5D=last_login_on&amp;name=johndoe&amp;save=&amp;status=", "action"=>"destroy", "_method"=>"delete", "authenticity_token"=>"xxxxxxxxxxxxxxxxxxxxxxxxxxxx", "id"=>"32", "controller"=>"users"}Rendering template within layouts/baseRendering common/error (403)Completed in 23ms (View: 18, DB: 2) | 403 Forbidden [https://www.orekit.org/forge/users/32?back_url=%2Fforge%2Fusers%3Fc%255B%255D%3Dlogin%26amp%3Bc%255B%255D%3Dfirstname%26amp%3Bc%255B%255D%3Dlastname%26amp%3Bc%255B%255D%3Dmail%26amp%3Bc%255B%255D%3Dadmin%26amp%3Bc%255B%255D%3Dcreated_on%26amp%3Bc%255B%255D%3Dlast_login_on%26amp%3Bname%3Djohndoe%26amp%3Bsave%3D%26amp%3Bstatus%3D]

This message does not explain why the operation failed and I do not know what is wrong. Could you help me?

Our environment:
• Debian GNU/Linux stable (6.0)
• Apache 2.2.16
• PostgreSQL 8.4
• Ruby 1.8.7
• ChiliProject 3.7.0
• Plugins: Redmine Latex MathJax, SCM Creator, Extended fields

### Replies (2)

#### RE: User deletion does not work - Added by Felix Schäfer at 2013-07-02 06:04 pm

Not all users are deletable, only those that are registered and haven't logged in yet.

Could you check the DB row for that user if the last_login_on is null and status is 2? That's the only combination that should allow deletion currently.

#### RE: User deletion does not work - Added by Meji Aufeev at 2014-03-26 03:18 pm

We can't delete users that have logged in before? Well that's a bummer. There are a few that are causing some ruckus that I'd really like to get rid of. Is there any way around this?
________________