When an account gets blocked at any project before stewards could change its global status via CentralAuth, if the steward tries to globally suppress the account, CentralAuth will successfully suppress the account on all projects but on those where the account has been blocked locally. CentralAuth should override local block settings if we decide to globally suppress the account.
Steps to reproduce
- User:Abusive-username is created and SUL propagates to several other projects and vandalizes.
- An administrator at a given project blocks the account locally.
- A steward notices the abusive name and locks and suppresses the account via CentralAuth
- Result: CentralAuth will block the account at all projects with the 'hideuser' flag enabled but will fail on the project where the admin blocked the account, hence the steward has to manually reblock the account there to remove it from public view.
- We've been given a script by Glaisher to work around this.
- Possible problem when reversing the action. CentralAuth should not remove local hideuser blocks imposed by their local oversighters in case of global unsuppression.