On prod currently 31 users have either is_superuser or is_staff (or both) set. Of those 12 haven't logged in during the last 3 months. I would define "do not need the permissions" as either of: * Haven't logged in within X time * No longer need to be able to edit visibility profiles/sheriff performance alerts The smaller the set of users that have extra permissions: * the more we can purge as part of bug 1331197 (and so speed up bug 1337987). * the simpler bug 1273092 will be (fewer users who will need their LDAP groups adjusted etc)

Duplicates of more recently used account (TC login means some people have switched from an email alias to their real LDAP email address): * tomcat at moco Not logged in for > 3 months: * alin.selagea at softvision * bgirard at moco * dustin at moco * jeads at moco * jgriffin at moco * mdoglio at moco * nigelbabu at gmail * Pidgeot18 at gmail * pnispel at moco * sylvestre at moco * vaibhavmagarwal at gmail * vlad.ciobancai at softvision Seeing that the only use-case I can think of that would cause infrequent usage is "work on a new test suite/platform and need to hide it", and that that use-case is now mostly covered by setting tier 2/3 via Taskcluster configs (and anything else should probably go via the sheriffs/the "Visibility Requests" component) - I've removed is_staff and is_supervisor from these users for now. Will be easy enough to add back later if needed.

vlad at softvision isn't at softvision anymore, but alin at softvision is |buildduty, and he got access in order to mass-cancel jobs in bug 1264633, for reasons that I find even more persuasive now that cancel pinned exists.

The "cancel multiple pinned jobs" feature can be used by any logged in user. I think we should consider removing the cancel-all button or at least consolidating it into the new feature. I've filed bug 1338491 for this.