Happy Business Starts Here

Recycling Bin

There are a couple of issues with the delete permissions, so this idea is a combination of a number of different ideas.

 

- By default delete permission are enabled in the "Standard Profiles", they should not be - giving delete permission should be a more active task by an administrator.

 

- Customising the default profiles is not possible, so you need to add a new profile to remove delete privledges. 

 

- In an active system you then need to identify the users to change to this profile, unfortunately there is no report.  So its a matter of clicking on each user and changing (easy to make a mistake)

 

- There is no way to remove the standard profile, so new users may get assigned to the wrong profile quite easily. (As this would be the detault option).

 

Ultimately it is very difficult to robustly control and remove delete permissions -  to address this a couple of things need to be done:-

 

- make the default profile editable.

- remove delete capabilities from the out of the box profile.

 

Even with all of this, mistakes can happen, and ultimately there needs to be a capacility to un-delete mistakes (or even malicious actions) which could otherwise risk the survival of a business.

 

There really needs to be an un-delete capability or a recycling bin (simiar to salesforce) that would allow object that have been deleted to be restored.

 

 

 

5 Comments
Zuora Product Team

Great set of ideas! I'd love to see this voted up. The concept of a recycle bin has been in the backlog for quite some time, but its priority tends to be low, as there are a number of strategies to mitigate most of the concerns you bring up.

Guru

This has my vote Smiley Happy

 

I personally hit frustrations around the inability to edit the standard permission profiles and users defaulting to levels with way too much power. (i.e. we would love to derault people to as close to read-only as possible and then grant permissions as needed)

 

A recycling bin would also be great. This could go hand in hand with the "coming soon" audit log where you would have a log of what got deleted and a way to bring it back.

Guru

Additional thought... In our own product we dont have the concept of a recycling bin exposed to the customer but we do employ soft-deletes and while the data vanishes from the UI, a user can contact support to have items recovered. This might be a good first step so that if a customer reviews the Zuora audit log (coming soon ;-) ) and sees something they need back, at least they could contact support and ask for it to be restored.

Totally support this: 

In Europe it is by fiscal law not allowed to delete any created invoice (no matter what status like cancelled).

So better permissioning is necessary, but recycle bin would also be very helpful.

And as said before: Maybe the ability to deactivate the standard profile which is allowed way to much freedom.

 

What would be nice to have in the recycle bin:

- accounts and contacts

- subscriptions and amendments

- invoices

- usage

- payments and refunds

- ...

 

Zuora Product Team
Status changed to: Under Consideration