Mahara

Everybody should be allowed to delete their account themselves

Bug #1734178 reported by Kristina Hoeppner on 2017-11-23

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Mahara	Fix Released	Wishlist	Cecilia Vela Gurovic	Mahara 18.04.0

Bug Description

We need to make a series of changes in Mahara to comply with the GDPR. More info is available on the wiki at https://wiki.mahara.org/wiki/Developer_Area/Specifications_in_Development/GDPR_compliance

Currently, only when self-registration is turned on can users delete their account. This should be possible for anyone though also for those from external authentication methods or those that had accounts created manually in institutions where self-registration is not allowed.

Sometimes, institutions may like to keep certain student content (upon agreement) and thus account deletion could not be good if the student hadn't already transferred their content to an area where it can be retained.

Therefore, it might be good to implement a "Review account before self-deletion" option in an institution. This could work the following way:

1. User clicks the "Delete" button and is informed that the admin receives a notification and will need to approve the deletion. They'd also get the general warning that all their content in their personal portfolio area will be deleted but that group content stays, but is not associated with their name anymore.
2. In their account settings page they'll see when they triggered the deletion and if they don't receive a message, can re-trigger it and append a message to the institution admins.
3. The request for deletion triggers a notification to the institution admins (or site admin if there is no institution admin) letting them know about this action. They can then approve the deletion or deny it and provide a mandatory reason so that the student can get in touch with them and discuss the deletion.

Tags:

Cecilia Vela Gurovic (ceciliavg) on 2017-12-04

Changed in mahara:
assignee:	nobody → Cecilia Vela Gurovic (ceciliavg)

Cecilia Vela Gurovic (ceciliavg) on 2017-12-05

Changed in mahara:
status:	Confirmed → In Progress

Revision history for this message

Cecilia Vela Gurovic (ceciliavg) wrote on 2017-12-05:

Checking the code I noted that in fact, we have a configuration setting for deleting users.
If we add in config.php
$cfg->alwaysallowselfdelete = true;

we are able to delete any user, even if there is no self-registration enabled in any institution. We can always delete a user but the last admin of the site. But I consider this correct as the admin does not represent a real person but a role in the system.

Now the question is, should we leave the 'alwaysallowselfdelete' and set it to true as default for every new site and upgraded one, or should we remove this configuration?

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2017-12-19: A patch has been submitted for review

Patch for "master" branch: https://reviews.mahara.org/8371

Kristina Hoeppner (kris-hoeppner) on 2018-02-19

tags:

added: nominatedfeature

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2018-02-19: A change has been merged

Reviewed: https://reviews.mahara.org/8371
Committed: https://git.mahara.org/mahara/mahara/commit/9837f1820c7ba0baad3e8ea2ee68b6fdd9259a95
Submitter: Cecilia Vela Gurovic (<email address hidden>)
Branch: master

commit 9837f1820c7ba0baad3e8ea2ee68b6fdd9259a95
Author: Cecilia Vela Gurovic <email address hidden>
Date: Fri Dec 8 14:59:50 2017 +1300

Bug 1734178: allow user to delete own account

added settings

- institution level: reviewselfdeletion
0 if the institution does not require approval
from an admin to delete an account
1 if the institution requires an admin to approve
account deletion requests from users
if not set, it takes the value from the site's
default

- site level: defaultreviewselfdeletion
(Site options->User Settings -> Review account before self-deletion)
1 if the site's default is requiring approval
null otherwise

Account deletion by a user

when a user accesses to the account settings, a
'Delete account' button is displayed.

This will:
- If the user belongs to an institution that requires
approval (or does not have the settings but the site
requires approval by default)
then a notification will be sent to the admins
of the institutions that require approval that
the user belongs to
- if the user belongs to institutions and none of them
require approval (or does not have the setting
but the site does not require approval by default)
then the account is deleted
- if the user does not belong to any institution
then the action will depend on the setting of
the 'mahara' institution or sites default if
'mahara' doesn't have the setting

Approval by institution admins

An institution admin can see the pending deletion
requests in Admin menu-> Institution -> Pending deletions
After approving/denying a request, the user
that requested the account deletion will receive
a notification

behatnotneeded
Change-Id: I4ccd9c798cab065ec557eaddf7dfc3a51920b6d0

Robert Lyon (robertl-9) on 2018-02-19

Changed in mahara:
status:	In Progress → Fix Committed

Robert Lyon (robertl-9) on 2018-04-05

Changed in mahara:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Related blueprints

Compliance with EU GDPR privacy regulations: Initial dev

Remote bug watches

Bug watches keep track of this bug in other bug trackers.