Uploaded image for project: 'OpenOLAT'
  1. OpenOLAT
  2. OO-3476

Deleting user must delete all user properties and anonymise any remaining data




      To improve data privacy and conform with DSGVO the following will be implemented:

      • Refactor UserDeletionManager to better use the UserDataDeletable interface. Move code from userDeletionManager to responsible managers.
      • Remove the following legacy properties, they are not supported anymore:
      keepUserEmailAfterDeletion -> DELETED
      keepUserLoginAfterDeletion -> DELETED
      • Remove the "isDeletable" flag in both UserPropertyHandler.java and userPropertiesHandlerContext.xml. 
      • On delete
        • for normal users: set all user properties to NULL
        • for administrative users: set all user properties to NULL except firstname ** and lastname**
      • In the database upgrade,for old deleted users all user properties are also cleared
      • On delete, replace the identity.name (username) to the identity database key
      • In the database upgrade, for old deleted identities all user names are also cleared**


      When deleting some data will remain in the system such as

      • forum posts
      • comments

      These data is treated as contributions to the learning and collaboration process and can not be withdrawn since other actions might refer to this one. However, the system must not reveal the identity of the creator of the data (anonymise).


      Administrative users

      In OO-3486 we will implement a mechanism how for administrative users the first and lastname can be deleted as well. The reason to keep those data is that administrative users perform many actions not as individual user but rather as an institutional role. The transparency of such actions is very important and log entries such as the course log must be readable and consistent even when a user has been deleted. 

      Administrative user are all users with administrative rights such as authors, course owners, teachers (lecture block roll call relevant), user managers, pool manager, administrators etc. 




            • Assignee:
              srosse Stéphane Rossé
              gnaegi Florian Gnägi
            • Votes:
              0 Vote for this issue
              2 Start watching this issue


              • Created:

                Time Tracking

                Original Estimate - Not Specified
                Not Specified
                Remaining Estimate - 0 minutes
                Time Spent - 1 day, 1 hour
                1d 1h