Give users the ability to deactivate their account and destroy personal info #255

Open
tobscure opened this Issue Aug 27, 2015 · 3 comments

tobscure commented Aug 27, 2015

Before Flarum reached beta, we had implemented a feature that allowed users to delete their account, purging it completely from the database. However, we quickly realised this was problematic for various reasons.

Instead we want to offer users the ability to permanently deactivate their account: make it so it can't be logged into, and remove their email and other personal info from the database.

What needs to be done:

  • Create a DeleteAccountModal which gives users info about what it means and confirms that they want to proceed
  • Add a button to the SettingsPage (accountItems) that opens the DeleteAccountModal
  • Make the DELETE /users/{id} API endpoint only disable the account for non-admin users, rather than deleting it completely...
  • ...where "disabling" means setting their email to null, and destroying their avatar/bio.
  • We would want this to require a sudo mode token (#250)

@tobscure tobscure referenced this issue Aug 28, 2015

Closed

v0.1.0 roadmap (old) #74

19 of 53 tasks complete
darkspotinthecorner Aug 31, 2015

Just 2 cents on the deletion process:

The company I work for is hosting and managing more than 50 forums. We often deal with the problem that users want their deletion undone the next day or so. We created our own deletion process that puts the accounts on inactive (this hides any personal information) for around 30 days and sends the users a mail with a re-activation link. If no action occurs, the account is completely deleted after the 30-day period.

This takes a lot of work from the community managers' shoulders, as they no longer have to respond to that many re-activation and deletion requests.

younes0 commented Aug 31, 2015

@justjavac justjavac referenced this issue Sep 7, 2015

Open

Flarum v0.1.0 development roadmap #3

18 of 53 tasks complete

@franzliedke franzliedke modified the milestone: 0.1.x Apr 7, 2016

dcsjapan Apr 30, 2016

Member

> Make the DELETE /users/{id} API endpoint only disable the account for non-admin users, rather than deleting it completely...
> ...where "disabling" means setting their email to null, and destroying their avatar/bio.

Disabling the account should:

  • Place the account in "suspended permanently" status (to prevent access to content).
  • Nullify the user's email address, bio, and avatar (as above).
  • Disable all email notification settings (to prevent attempts to send email to a null address).

It might also be good to add a flag that extension developers can use to identify a bit of information that should be nullified when the account is disabled. That would come in handy for an extension that adds custom fields to the profile page, for example (not to mention the bio, once it becomes an extension).

@tobscure tobscure removed this from the 0.1.x milestone Jul 22, 2017
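
The deactivation behaviour discussed in this thread, as an added sketch that is not part of the issue and not Flarum's code: a DELETE /users/{id} handler that purges for admins, scrubs personal data for everyone else, and lets extensions flag their own personal fields. `PersonalFields`, `deleteUser`, the array-based user row, the `suspended_permanently` status value and the `_email` preference suffix are all hypothetical names; PHP 8 is assumed.

```php
<?php
declare(strict_types=1);

// Hypothetical registry (not Flarum's API): core and extensions list the user
// attributes that hold personal data, so deactivation can scrub all of them.
final class PersonalFields
{
    private static array $names = ['email' => true, 'bio' => true, 'avatar_path' => true];

    public static function register(string $name): void
    {
        self::$names[$name] = true;
    }

    public static function all(): array
    {
        return array_keys(self::$names);
    }
}

// Models DELETE /users/{id}. Returns null when the row is purged (admin actor),
// otherwise the deactivated row with personal data removed.
function deleteUser(array $actor, array $user, bool $sudoTokenValid): ?array
{
    if (!$sudoTokenValid) {
        throw new RuntimeException('sudo mode token required');
    }
    if ($actor['is_admin']) {
        return null; // admins keep the complete deletion
    }
    if ($actor['id'] !== $user['id']) {
        throw new RuntimeException('permission denied');
    }
    // Null every registered personal attribute present on this row.
    foreach (array_intersect(PersonalFields::all(), array_keys($user)) as $name) {
        $user[$name] = null;
    }
    $user['status'] = 'suspended_permanently'; // blocks login and content access
    // Switch off email notifications so nothing is sent to a null address.
    foreach ($user['preferences'] ?? [] as $key => $enabled) {
        if (str_ends_with($key, '_email')) {
            $user['preferences'][$key] = false;
        }
    }
    return $user;
}

// Constructed sample data: an extension flags its custom profile field.
PersonalFields::register('twitter_handle');
$alice = ['id' => 7, 'is_admin' => false, 'email' => 'alice@example.org', 'bio' => 'hi',
    'avatar_path' => 'a7.png', 'twitter_handle' => '@alice', 'status' => 'active',
    'preferences' => ['notify_reply_email' => true, 'notify_reply_alert' => true]];
var_export(deleteUser($alice, $alice, true));
```

In the exported row, `email`, `bio`, `avatar_path` and `twitter_handle` are null, `notify_reply_email` is false, and `notify_reply_alert` is left as it was.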
