Allow admins to disable user accounts #1006
Description
Context
Admins need the ability to disable user accounts, especially in cases where a password may be compromised. Currently there's no way to lock an account without deleting it.
Request
- Add an admin action to disable/suspend a user account
- Disabled accounts should not be able to log in
- Should be reversible (re-enable) unlike account deletion
- Key use case: compromised passwords where the user hasn't acted yet
Notes
- Account deletion already exists (see feat(settings): add account deletion with data anonymization #988), but that's a destructive, user-initiated action
- This is an admin-initiated, non-destructive safeguard