import { members } from 'wix-members-backend';
// Sample id value:
// 'efab296e-2687-4751-9956-ee73200dd4bb'
export function myDeleteMemberFunction(id) {
return members.deleteMember(id)
.then(() => {
console.log('Member deleted');
})
.catch((error) => {
console.error(error);
});
then I call it at the front end and pass the member ID also form the front end, when I run it at the editor it works fine and the member is deleted from the member’s collection and also from the Dashboard “site members” list.
The problem is when I run it live, this function does not delete the member from the members collection neither from the dashboard of the site… I notice and assume that from the editor works fine because the user is my account that is the “admin” or site owner account and in the members collection permissions only “admin” can delete… so whats the point of the deleteMember( ) function if only the site owner or admin can delete members, being that what I need for this project is that each member can be able to delete their own account.
You are correct that only admins can delete members. This function would be useful when doing some periodic job on the backend (such as using jobs.config to delete old/inactive accounts) or if you make a dashboard for admins to manage users and one of the functions is to delete a member.
Also consider that with how this code is written if it did work without admin priveleges then any member could delete any other member as long as they knew their member id. Not that it matters here thanks to permissions but you should make sure not to trust user input and generally get that information yourself (ie. via https://www.wix.com/velo/reference/wix-members-backend/currentmember/getmember )
You could workaround this limitation by having a “Request deletion” button that sets a value in a collection indicating the user wants to be deleted and then scheduling a job in jobs.config to periodically run a function that deletes all users specified in that collection. https://www.wix.com/velo/reference/getting-started/schedule-jobs
I always deleted members as an Admin and never tried it from a regular account,
so I can’t say that it is not possible.
But let’s say you’re right and you can’t do, there’s an alternative you can use:
Let’s say your domain is mydomain.com , you can change the loginEmail of the member to be deleted-memberId@mydomain.com (use the actual member id)+ make their profile private.
This way the user will no longer be able to login to the site (as they don’t know the new email address). And once in a while run a query as Admin to remove all the members with this type of login email. https://www.wix.com/velo/reference/wix-members-backend/authentication/changeloginemail
You got a point there with the members deleting another accounts, thanks you for the reply, Now that I know only admins can delete I no longer have to spend hours trying to configure my code.
Hello, scheduling jobs seams to have the same permission issue, it gives access denied, same for the dataset hooks, so it’s not about admin permission ! Does giving admin permission to users will work ?
