What happened?

Description

After a user has been deleted from a Matomo instance, their personal settings is retained when adding another user with the same username (different email).

What should happen?

Expected and Actual results:

The deleted user's username should not be made available again. Instead currently settings are retained:

How can this be reproduced?

Steps to reproduce

1. Create a user, on a Matomo instance, called victimUser
2. Log in as victimUser and change personal settings randomly and keep a note of the changes
3. Delete the user
4. Create a second user with username victimUser (different email this time)
5. Log in as victimUser and compare personal settings with previous changes

Matomo version

latest

PHP version

No response

Server operating system

No response

What browsers are you seeing the problem on?

No response

Computer operating system

No response

Relevant log output

Validations

• Read our Contributing Guidelines.
• Follow our Security Policy.
• Check that there isn't already an issue that reports the same bug to avoid creating duplicates.
• The provided steps to reproduce is a minimal reproducible of the Bug.