[Design] Delete Account Functionality

Introduction

This wiki page describes the design of the delete user account feature. As of now there is no hard-delete flow for a user profile in Sunbird; at present the only available functionality is to BLOCK/UNBLOCK users.

Background & Problem Statement

Sunbird supports mobile apps for Android and iOS. The latest policy updates of the Apple App Store and Google Play Store mandate that an app which offers sign-up from within the app must also offer account deletion from within the app. The specific policy mandates can be found using the following links:

Registered users must have access to a "Delete Account" option on both the app and the portal. This option will allow them to initiate the account deletion process themselves.

Key Design Problems

After successful deletion of an account, the following requirements must hold:

  • The user must not be able to log in with the existing login credentials after account deletion.

  • None of the user's Personally Identifiable Information (PII), such as name, email, and phone number, may remain in any DB in any format (not even in encrypted form).

  • Data other than PII must not be deleted: user transactional data and user-created content (usage, ratings, etc.) are to be retained.

  • Certificates issued to the deleted user must not be accessible, but must remain verifiable (only the name of the user is stored in Sunbird RC to display in the certificate).

  • The external id of the SSO user must be removed.

  • The deleted users must be listed on the admin dashboard.

  • The deleted user's assets must be transferred to another user after successful deletion.

Design

Delete User

  • Send an OTP to the user's email/phone to validate the user (OTP templates for user account deletion verification).

Sync

  • Delete login credentials and sessions from Keycloak.

  • Update the sunbird.user table and set the following fields to empty (the Redis data for these fields also becomes empty for that user):

    • firstName

    • lastName

    • email

    • dob

    • phone

    • maskedEmail

    • maskedPhone

    • prevUsedEmail

    • prevUsedPhone

    • recoveryEmail

    • recoveryPhone

  • Update the status from ACTIVE to DELETED.

  • Remove the user entry from sunbird.user_lookup table.

  • Remove the SSO user entry from sunbird.user_external_identity.

  • Send the AUDIT telemetry event after the success or failure of the above updates/deletions.

  • Trigger the delete user Kafka event {{env_name}}.delete.user.

User Deletion Flink Job

  • Verify that the sync steps completed successfully; otherwise perform the pending actions.

  • Update the user entry in sunbird.user_organisation (async) - may not be required.

    • isdeleted - True

    • orgleftdate - system date

  • Update the user's name in NodeBB to "Deleted User" for display in the discussion forum.

  • Group - TBD

  • Send the AUDIT telemetry event after the success or failure of the above updates/deletions.


User delete API:

curl --location --request DELETE '{{host}}/api/user/v1/delete/{{userId}}' \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Bearer {{api_key}}' \
  --header 'x-authenticated-user-token: {{user_token}}'

Response:

{
  "id": "api.user.delete",
  "ver": "1.0",
  "ts": "2023-08-28T13:54:45Z+05:30",
  "params": {
    "resmsgid": "a638c46e-63a5-47de-bf00-029cbe435e5e",
    "msgid": null,
    "err": null,
    "status": "successful",
    "errmsg": null
  },
  "responseCode": "OK",
  "result": {
    "response": "SUCCESS",
    "userId": "{{userId}}"
  }
}

Delete User Kafka Event

Property         Description
organisationId   Identifies which organisation the deleted user belongs to.
userId           Deleted user id.
suggested_user   If the user has a role other than PUBLIC, a suggested user list can be sent in the event for each role the user has.

{
  "eid": "BE_JOB_REQUEST",
  "ets": 1619527882745,
  "mid": "LP.1619527882745.32dc378a-430f-49f6-83b5-bd73b767ad36",
  "actor": { "id": "delete-user", "type": "System" },
  "context": { "pdata": { "id": "org.sunbird.platform", "ver": "1.0" } },
  "object": { "id": "<deleted-userId>", "type": "User" },
  "edata": {
    "organisationId": "<organisationId>",
    "userId": "<deleted-userId>",
    "suggested_users": [
      { "role": "ORG_ADMIN", "users": ["<orgAdminUserId>"] },
      { "role": "CONTENT_CREATOR", "users": ["<contentCreatorUserId>"] },
      { "role": "COURSE_MENTOR", "users": ["<courseMentorUserId>"] }
    ],
    "action": "delete-user",
    "iteration": 1
  }
}
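The following is an added example, not Sunbird project code, that models the Sync steps, the Delete User Kafka Event and the User Deletion Flink Job from the sections above in memory, so the two properties the design depends on can be checked: that no PII string survives in any table once the flow has run, and that the Flink job can safely re-run the sync steps when an earlier attempt stopped half-way. Table names (sunbird.user, sunbird.user_lookup, sunbird.user_external_identity, sunbird.user_organisation) follow the page; the dict-based store, the sample users u1/u2, the org id and every helper name are constructed for this example.

```python
# Added example, not Sunbird project code: an in-memory model of the Sync steps,
# the Kafka event and the User Deletion Flink Job described on this page. Table
# names follow the page; the dict store, sample users and helpers are constructed.
import time
import uuid

# sunbird.user columns the design says must be emptied
PII_FIELDS = ("firstName", "lastName", "email", "dob", "phone", "maskedEmail", "maskedPhone",
              "prevUsedEmail", "prevUsedPhone", "recoveryEmail", "recoveryPhone")


def make_store():
    """Constructed state: u1 (to be deleted) and u2, both ORG_ADMINs of org1."""
    u1 = dict.fromkeys(PII_FIELDS, "")
    u1.update(firstName="Asha", lastName="Rao", email="asha@example.org", dob="1990-01-01",
              phone="9999999999", maskedEmail="as**@example.org", maskedPhone="99*****99",
              status="ACTIVE", rootOrgId="org1", roles=["ORG_ADMIN", "PUBLIC"])
    u2 = {"firstName": "Ravi", "status": "ACTIVE", "rootOrgId": "org1", "roles": ["ORG_ADMIN"]}
    return {"keycloak": {"u1": {"username": "asha", "sessions": ["s1", "s2"]}},
            "user": {"u1": u1, "u2": u2},
            "user_lookup": {("email", "asha@example.org"): "u1", ("phone", "9999999999"): "u1"},
            "user_external_identity": {("u1", "sso-idp"): "ext-123"},
            "user_organisation": {("u1", "org1"): {"isdeleted": False, "orgleftdate": None}},
            "nodebb": {"u1": "Asha Rao"},  # forum display name
            "audit": []}                   # AUDIT telemetry sink

def sync_delete_user(store, user_id):
    """Sync steps: Keycloak, PII columns, status, lookup rows, SSO id, AUDIT; returns the event."""
    store["keycloak"].pop(user_id, None)            # login credentials and sessions
    user = store["user"][user_id]
    for field in PII_FIELDS:
        user[field] = ""
    user["status"] = "DELETED"
    store["user_lookup"] = {k: v for k, v in store["user_lookup"].items() if v != user_id}
    store["user_external_identity"] = {k: v for k, v in store["user_external_identity"].items()
                                       if k[0] != user_id}
    store["audit"].append({"eid": "AUDIT", "object": user_id, "action": "delete-user"})
    return build_delete_user_event(store, user_id)

def build_delete_user_event(store, user_id):
    """Event in the shape of the page's Delete User Kafka Event: for each non-PUBLIC
    role of the deleted user, suggest the active users of the same org holding it."""
    user = store["user"][user_id]
    org_id = user["rootOrgId"]
    suggested = [{"role": role,
                  "users": [uid for uid, u in store["user"].items() if uid != user_id
                            and u["status"] == "ACTIVE" and u["rootOrgId"] == org_id
                            and role in u["roles"]]}
                 for role in user["roles"] if role != "PUBLIC"]
    ets = int(time.time() * 1000)
    return {"eid": "BE_JOB_REQUEST", "ets": ets, "mid": f"LP.{ets}.{uuid.uuid4()}",
            "actor": {"id": "delete-user", "type": "System"},
            "context": {"pdata": {"id": "org.sunbird.platform", "ver": "1.0"}},
            "object": {"id": user_id, "type": "User"},
            "edata": {"organisationId": org_id, "userId": user_id, "suggested_users": suggested,
                      "action": "delete-user", "iteration": 1}}

def pending_sync_actions(store, user_id):
    """First step of the Flink job: which sync steps did not complete for this user."""
    user = store["user"][user_id]
    checks = [("keycloak", user_id in store["keycloak"]),
              ("pii", any(user[f] for f in PII_FIELDS)),
              ("status", user["status"] != "DELETED"),
              ("user_lookup", user_id in store["user_lookup"].values()),
              ("user_external_identity", any(k[0] == user_id for k in store["user_external_identity"]))]
    return [name for name, pending in checks if pending]

def run_delete_user_job(store, event, today=None):
    """Flink job: redo pending sync steps (idempotent), then the async updates."""
    user_id = event["edata"]["userId"]
    pending = pending_sync_actions(store, user_id)
    if pending:
        sync_delete_user(store, user_id)
    today = today or time.strftime("%Y-%m-%d")   # "system date" for orgleftdate
    for (uid, _org), row in store["user_organisation"].items():
        if uid == user_id:
            row.update(isdeleted=True, orgleftdate=today)
    store["nodebb"][user_id] = "Deleted User"
    store["audit"].append({"eid": "AUDIT", "object": user_id, "action": "delete-user-job",
                           "retried": pending})
    return pending

def pii_residue(store, secrets):
    """Check for the 'no PII in any DB' requirement: every path where one of the
    given strings (old name, email, phone, dob) still appears, table keys included."""
    hits = []
    def walk(node, path):
        if isinstance(node, dict):
            for k, v in node.items():
                walk(k, path + [str(k)])
                walk(v, path + [str(k)])
        elif isinstance(node, (list, tuple)):
            for i, v in enumerate(node):
                walk(v, path + [str(i)])
        elif isinstance(node, str) and any(s in node for s in secrets):
            hits.append("/".join(path))
    walk(store, [])
    return hits

if __name__ == "__main__":
    store = make_store()
    secrets = {"Asha", "Rao", "asha@example.org", "9999999999", "1990-01-01"}
    event = sync_delete_user(store, "u1")
    print("after sync, residue:", pii_residue(store, secrets))   # forum name still present
    print("job retried:", run_delete_user_job(store, event))
    print("after job, residue:", pii_residue(store, secrets))
```

Two points the run shows. The sync steps alone leave the user's name in the NodeBB display name, which is why the Flink job step that renames the forum user matters for the "no PII anywhere" requirement; a residue scan of this kind, run against the real tables and Redis after a deletion, is the acceptance check for that requirement. Second, pending_sync_actions makes the job idempotent: if the synchronous part failed after deleting the Keycloak login, the job detects the remaining steps and completes them, and a redelivered Kafka event for an already-deleted user changes nothing.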

Deleted Users search curl

The User search API can be used to get more details about a user, e.g. the name.