There are massive issues with how 'active' on a tenant is treated. The discussion has been had on this github issue: https://github.com/apache/trafficcontrol/issues/2732 but I will try to summarize.
First problem: An inactive tenant can be neither modified in any way (including re-activating them) nor deleted. Likewise any Delivery Services/origins/whathaveyou that were assigned to them become totally immutable and indestructible. Less shockingly, no resources (DSs/origins/whathaveyous) can be assigned to the inactive tenant. Second problem: An inactive tenant can still manipulate its child tenants, and the resources of those child tenants. Third problem: The child of an inactive tenant can still manipulate itself, its resources, and any of its descendants or its descendants' resources. This has sort of raised a debate about what tenancy truly is/ought to be and what active/inactive means/ought to mean. The first issue to tackle is: Do we even care about inactive tentants? Maybe instead we just say "you first must delete or reallocate all resources belonging to the tenant's descendants, then all descendants themselves, then the tenant's own resources, then delete the tenant. There is no 'inactive'. If we decide to proceed with active/inactive tenants (I personally like the idea), then my fix for the above problems is to enforce this behavior regarding tenancy: 1. If the ultimate goal is to have everything respect tenancy (or even maybe if not), then I see no reason why a user belonging to an inactive should be able to log in at all 2. When a tenant is made inactive, all of its descendants must recursively be made inactive as well - the reverse (enabling a tenant enables its descendants) should not be true. 3. When adding a new tenant, its active/inactive state defaults to that of its immediate parent (if #2 is enforced there is no need to recurse up the ancestry tree), and it should be impossible to add an active tenant to an inactive parent. 4. An active tenant should be able to manipulate all of its resources, all of its descendants and all of its descendants' resources, regardless of the active/inactive state of any of those descendants 5. Modifying the 'root' tenant to be inactive should not be allowed All together these will eliminate all three problems and ensure no resources or tenants ever wind up indestructible or immutable. I also think they're rather sensible.
