Disable user account

claveryu · May 8, 2026, 8:04am

Discuss

Hello,

I would know if it would not be good to have the possibility to disable and not only remove a user account in the webadmin panel.

I’ve read this post : How to disable a user account wich is interesting to limite user usage of apps in Yunohost.

Thank’s

MariusBaguepi · May 8, 2026, 9:49am

So you mean that you want to have a group of users where they do have no permission, and a group of users where they have the permissions for all users except the unathorized one ?
Nothing to do with the visitors one.

Maybe you just could try to use the group “All users” and add a group “Authorized users” ; and add all the permissions existing in “All users” in “Authorized users” and then remove all the permissions in “All users”.

netzy-cloud · May 8, 2026, 10:06am

This is a unique solution to the issue but there are some caveats. First, is even if you remove all permissions they will still inherit the visitors permissions and will be able to access those resources.

This is how we approached it with a customized solution.

Make a group named “Unauthorized Users” and remove all permissions
add the user you want to restrict
Only have public facing websites and apps marked as Visitors (like mastodon and your homepage)

These are the only resources they will be able to access. Outside of this, the only other workaround is to manually change their password.

Hope this is helpful in understanding your options

MariusBaguepi · May 8, 2026, 10:20am

That mean that you do have no permission set in “All users”, right ?

At my point of view, a user access is defined by the combination of :

“All users” permissions
plus permissions available in all the groups where the user is present
plus permissions available in the Authorization for individual accounts, if the user is present in this group.

netzy-cloud · May 8, 2026, 10:35am

This is correct. I made a custom all users group separate from the systems All Users group. My setup involves a group called Authorized Users and Unauthorized Users. Authorized Users have all the permissions that used to be assigned to the systems All Users group and Unauthorized Users have no permissions to restrict access.

netzy-cloud · May 8, 2026, 10:44am

Although, Unauthorized Users can still login and they will be presented with tiles from the Visitors group as anyone from the internet can access those without being logged in as well. So, it is something to be aware of for those folks seeking a total solution to prevent someone from logging in at all. This is not the solution that will accomplish that. As they can still login but can only access resources based on the given permissions in the system, which for me is everything assigned to the Visitors permission. So it works for me as they can’t access protected resources and stuff like Mastodon has it’s own internal permission system so if you needed to deny access you could accomplish it with an additional step through the public facing apps admin panel.