yuehong
1
I am trying to prevent the login of a soft-deleted user by adding the condition: only log the user in when the “Deleted Date” is empty
However, it doesn’t work—the user can still log in to the system.
So, I added a JavaScript check before the login action to display the condition’s result:
When I try to login, this is what I get:
Interestingly, when I enable the debugger in Step-by-Step mode, I get:
In the debugger, the condition result is correct, and it should prevent the login action from executing.
Why does the login action still execute and log the user in?
hanan1
2
looks like a privacy rule to me. User fields are hidden from other users until you manually expose them.
Try creating a workflow with the event being User is logged in and then create a single action “Log the user out” with that condition and report back.
When you soft delete a user, it’s always an option to change their email + password so that they cannot login anymore. (Append random basic string)
In your particular case it seems like a privacy rule issue as the deleted date might be not accessible to logged out/other users.