Currently unable to delete users

Please don't use closed pastebins. What is RT?

@papukaija: The closed pastebin contains potentially sensitive infrastructure and user data so it is entirely appropriate to use it in this case (we generally try to use public pastes where we can but it's not always appropriate). The information was provided by our operations team for the development team to diagnose an issue in the SSO administration system. RT is "Request Tracker" and is our operations team's method of tracking deployment requests - again, not suitable for public broadcast due to the potentially sensitive nature of the information contained.

The oops was unrelated to the deletion of the user. I have confirmed with thedac that the user was successfully deleted.

With perfect timing, thedac replied it wasn't exactly as I just said :/ Doing further research

Ok, the problem appears to be that the account cannot be removed as the email address is still in use by another account.

I see two possible ways to solve this, depending on why this account is to be deleted

1. look for the second account with the same email address, and unlink the email address from it
2. remove the account + email address
3. remove the second account

or,

1. unlink the email address from the first account
2. remove the account
3. leave the second account + email address in place

The first scenario is when we want to completely remove the accounts. The second one when the account is being removed after a merge, and the only account to be left is the second one.

I hope this helps.

(commenting mostly to get LP to add me to a header for procmail filtering)

I'm very interested in finding out what happened, since this blocks a few support tickets.

Although this traceback still occurs while using the SSO admin UI, it doesn't seem to interfere with the management functions there.

FWIW, I still get HTTP 500 sometimes when attempting to access or search in the email/account views, and sometimes when attempting to delete users. The frequency seems to depend on timing; during the busiest hours this can happen as much as 2/3rds of the time, and during light traffic hours it's more like 1 in 10.

The Nexus admin UI helped quite a bit, but the root cause is still there.

I suspect the proxy may be timing out when SSO tries a database operation that takes too long.

OK, an account can't be registered with an already-existing email so we shouldn't be seeing any more of these in the future. Maybe a one-time check to locate any accounts still in this situation could be done?

In any case, I also verified by creating two accounts and manipulating them in the db admin so they both had the same e-mail address. I was able to successfully delete one of them using the self-service delete account functionality, and the remaining account is still operational.

I'll close this bug based on the above.