Versions Compared

Old Version 6

changes.mady.by.user Anil Gupta

Saved on

compared with

New Version 7

changes.mady.by.user Anil Gupta

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Introduction

...

  • Send the OTP to the user’s email/phone to validate the user. (OTP templates for user account deletion verification)

  • Insert the entry for all the type as false in sunbird.user_deletion_status.

  • Delete login credentials and sessions from Keycloak.

  • Update the sunbird.user table. Set the following fields as empty: (redis data for the following fields will become empty for that user)

    • firstName

    • lastName

    • email

    • dob

    • phone

    • maskedEmail

    • maskedPhone

    • prevUsedEmail

    • prevUsedPhone

    • recoveryEmail

    • recoveryPhone

  • Update the status from ACTIVE to DELETED.

  • Remove the user entry from sunbird.user_lookup table.

  • Remove the SSO user entry from sunbird.user_external_identity .

  • Update the user entry in sunbird.user_organisation (async) - May not be required.

    • isdeleted - True

    • orgleftdate - system date

  • Update the user’s name in nodeBB as Deleted User to display in discussion forum.

  • If a group admin/owner deletes his account, no action required if there is another group admin.If not, another user (random) can be assigned as the default group owner

  • Insert the entry in sunbird.user_deletion_status table for each type.

  • Sync the user deletion status in user index in below format:

    Code Block
    "userDeletionStatus" : {
 	"userLookUp": false,
 	"userExtIdnt": true,
 	"keycloak": false
 	"user": true,
    "discussionForum": true,
 	"userOwnershipTransfer": false
 }

  • Call the transferOwnership API with empty array in objects. Value of the status in this table will be inserted as a INITIATED by transfer-ownership Flink job. Sample curl

    Code Block
    curl --location --request POST '{{host}}/api/user/v1/ownership/transfer' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{api_key}}' \
--header 'x-authenticated-user-token: {{user_token}}' \
--data-raw '{
    "request":{
      "organisationId": "{{organisationId}}"
      "fromUserId": "{{FROM_UUID}}",
      "context": "User Deletion", // "User Deletion", "Role Change", etc.
      "objects": []
    }
}'

User deletion status table

...

Code Block
curl --location --request POST '{{host}}/api/user/v1/ownership/transfer' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{api_key}}' \
--header 'x-authenticated-user-token: {{user_token}}' \
--data-raw '{
    "request":{
      "organisationId": "{{organisationId}}"
      "fromUserId": "{{FROM_UUID}}",
      "context": "User Deletion",  // "User Deletion", "Role Change", etc.
      "objects": [
          {
            "type": "Asset",   // Asset, Batch, Group
            "toUserId": "{{TO_UUID}}",
            "identifiers": ["do_id1", "do_id2"]
          }
      ]
    }
}'

...

Code Block
languagejson
curl --location --request POST '{{host}}/api/user/v1/ownership/transfer/list' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{api_key}}' \
--header 'x-authenticated-user-token: {{user_token}}'\
--data-raw '{
    "request":{
      "organisationId": ["<organisationId>"], // Mandatory
      "status": ["0INITIATED", "1SUBMITED"] // Optional. If not passed in request body 
                           // then by default all the status will return.
    }
}'

...

  1. A complete snapshot of a user’s profile which includes name (first and last name) as well as masked email and phone is captured under various collections in MongoDB (observations, projects, survey, and programUsers) at the start of any transaction i.e. the moment a user starts working on a survey, or project or decides to join a program. This is done to give the Program manager the details of the user as it was when he/she started working on the resource and is not affected by his/her profile change later. This means a user’s name, location, role, and sub roles which is later used for certificate generation using Sunbird RC is the same when he/she started the resource.

  2. When the Program Manager requests reports via the Program Dashboard about the details of each and every user who has worked on a resource or has joined the program, the user’s email and phone along with the name is provided via a CSV using the Lern Data Product. These details are fetched in real-time at the moment of generating the on-demand report from the common and shared Redis and Cassandra storage. No change is required here since the expectation is user’s name, email phone will be deleted from the common storage and replaced with the “Deleted User” string, We will just need to test this once to confirm the entry from the reports is not removed but just the PII data is removed.

Info

Note - No other place in Logs, Druid, ES or Neo4j does Manage Learn workflow write to

...