Good question. As of today there is no way to delete a user (neither the admin can or the user himself).
It may be a problem some laws may require that a user can self-unsubscribe with his personal info deleted, but what should we do of the files he put for download, news he submitted, messages in the forum...
Cascading delete is too much i think, it would mean that all his posts and answers by others to his post would be deleted.
userid set to anonymous could be nice. But what i am thinking right now is to have 2 commands:
1) the disable stuff for the admin (that just put the disable flag)
2) a 'delete' action that deletes his email info, ICQ info, address...
The advantages i see are that a disable user can be reenabled while a deleted one can't, in the admin panel the deleted user shouldn't exist, like a zombie in the database.
It would mean adding a 'deleted' flag in the table.
Changing the id to anonymous might be a better idea, actually i like it more :) Plus it solves the right to privacy as all the posts of the guy would become anonymous.
Keeping only the 'disable' option is acceptable situation if someone needs cascading-delete it would be very easy for him to do so.
Just some thoughts to discuss about...
the problem with deleting user is the coexistence with other modules, what should be done with post that are related to that user for instance ?
we need to think about it. or think that a user related to something may not exist.
that's why there is enable/disable for a user.
now if you want to delete an user, you can do it in the database, but what about all the post he did in the forum for instance ? the CMP engine will not be able to load the related user because the PK is invalid.
Maybe not delete the row but put the info : enabled/disabled/deleted