[FR] Members management improvements (API/deactivation)

[GabDug]

Hey 👋

Context

We use Sourcebot EE, with a SSO login.

However, as SCIM is not available, old organization members are not deleted automatically, which may lead to security issues (they may not be able to log-in, but API key might still be active), as well as taking up seats for Sourcebot EE.

Deleting members must currently be done manually or through the DB directly.

Suggestion

As implementing LDAP/SCIM can be cumbersome, both for developers and Sourcebot administrators, here's some suggestions that provide a good compromise:

• Admin Members API: Create a admin-only REST API for user management (possibly related to [FR] Sourcebot REST API support #101?) that would:
  • Allow admin scripts to list/disable/delete users
  • Nice to have: Support batch operations for efficiently managing multiple users
  • Nice to have: Properly documented with [FR] Sourcebot REST API support #101
• Activity-based User Management:
  • Implement a configurable system to automatically disable users after a specified period of inactivity
  • Allow administrators to set custom thresholds (30/60/90 days?)
  • Nice to have: Users disabled through inactivity would be automatically re-enabled upon successful SSO login
  • Nice to have: Include options to notify users before automatic disabling

Let me know what you think or if you need more details/context!

Cheers, Gabriel