Delete self

General discussion of development ideas and the approaches taken in the 3.x branch of phpBB. The current feature release of phpBB 3 is 3.3/Proteus.
Forum rules
Please do not post support questions regarding installing, updating, or upgrading phpBB 3.3.x. If you need support for phpBB 3.3.x please visit the 3.3.x Support Forum on phpbb.com.

If you have questions regarding writing extensions please post in Extension Writers Discussion to receive proper guidance from our staff and community.
User avatar
naderman
Consultant
Posts: 1727
Joined: Sun Jan 11, 2004 2:11 am
Location: Berlin, Germany
Contact:

Re: Delete self

Post by naderman »

This also interesting from a legal perspective. In some countries forum owners are required to delete personal information / accounts when a user asks for it. Typically I don't think you are required to delete the content, but that's probably a question of copyright. Either way we definately would have to make this an option for admins, so they can decide whether they want to offer users to do this or not. With the proposed method of simply changing the user_type no personal data is actually deleted. That might be a problem in some jurisdictions. It does however allow for the undoing of such a deletion which could be a useful feature.
Sebastian R
Registered User
Posts: 1
Joined: Sun May 23, 2010 3:59 pm

Re: Delete self

Post by Sebastian R »

What about making it one of the following options?

1. Maybe an admin approved feature, where a player can press the 'delete account' button and then it would then come up on the admin CP saying 'so and so' has requested a deletion and an admin will have to accept it.

or

2. 72 hour deletion, so someone can start a deletion but can cancel it anytime in that 72 hours, this would be better if an account had been hacked or someone changed their mind about deleting their account.
User avatar
imkingdavid
Registered User
Posts: 1050
Joined: Thu Jul 30, 2009 12:06 pm

Re: Delete self

Post by imkingdavid »

naderman wrote:Well firstly you would create a ticket on the tracker. You would then fork phpBB on github, work on the feature off of the develop branch locally, and then use the "submit patch" action in the tracker to point to your feature branch on github.
Alright, I'll get to it when I get a chance. I think someone else should also work on this so that there's some choice in case my version never gets done or doesn't work out the right way or something. But I plan on getting it to work properly.

EDIT: The ticket has been created.
Sebastian R wrote:What about making it one of the following options?

1. Maybe an admin approved feature, where a player can press the 'delete account' button and then it would then come up on the admin CP saying 'so and so' has requested a deletion and an admin will have to accept it.

or

2. 72 hour deletion, so someone can start a deletion but can cancel it anytime in that 72 hours, this would be better if an account had been hacked or someone changed their mind about deleting their account.
How about having both? In the ACP, have that as a setting to choose between admin approval or email confirmation and then have wait X hours before actually doing anything (changeable in the ACP).
A_Jelly_Doughnut wrote:Its my experience that, when a user wants to delete his own account, he wants to take all the content with him, he does not want to become "anonymous".

Also, would it be possible to "un-delete" yourself? Some users would like this, others would not.
I think that it would be an option the user can choose and then the admin can approve or deny that option given the first choice in the first quote in this post.
naderman wrote:This also interesting from a legal perspective. In some countries forum owners are required to delete personal information / accounts when a user asks for it. Typically I don't think you are required to delete the content, but that's probably a question of copyright. Either way we definately would have to make this an option for admins, so they can decide whether they want to offer users to do this or not. With the proposed method of simply changing the user_type no personal data is actually deleted. That might be a problem in some jurisdictions. It does however allow for the undoing of such a deletion which could be a useful feature.
I'm not aware of legal issues in various countries concerning this. However, you are right; this should be completely configurable by the admin, all the way down to turning it on and off, in the ACP. Possibly at the end of the User Registration Settings module, or maybe in its own.

EDIT: The only issue I see with letting other users register with the deleted account's username or email is that if the deleted account ever becomes re-enabled, it would be confusing about who is who. Possibly in that case, where a new user has registered with the same username as a deleted account and the account becomes re-enabled, the admin will have to choose a new username for the account that is being re-enabled. Any ideas?

EDIT 2: I have a question. How do I add a new permission in my patch? I want to create a new user permission to (dis)allow them to delete their account. But since only file changes are reflected when the patch is submitted, where do I add the new permission? Thanks, and sorry for the questions; this is my first time trying to submit something like this.
I do custom MODs. PM for a quote!
View My: MODs | Portfolio
Please do NOT contact for support via PM or email.
Remember, the enemy's gate is down.
User avatar
EXreaction
Registered User
Posts: 1555
Joined: Sat Sep 10, 2005 2:15 am

Re: Delete self

Post by EXreaction »

So what I see wanted is a few options:

No deleting of accounts allowed
"Soft" deleting of accounts allowed (keep the user's profile information, but anomalize the account to the public)
Profile deleting of accounts allowed (this would delete all information of that user's profile but keep important content to the forum like posts (anomalized))
Complete removal of accounts allowed (this would remove everything, including posts)

The last three should be deletion options for the user account as well from the user management in the ACP

Permission setting for users to delete their own accounts, global settings for the method of deleting and global allowing of deleting
User avatar
bantu
3.0 Release Manager
3.0 Release Manager
Posts: 557
Joined: Thu Sep 07, 2006 11:22 am
Location: Karlsruhe, Germany
Contact:

Re: Delete self

Post by bantu »

EXreaction wrote:So what I see wanted is a few options:

No deleting of accounts allowed
"Soft" deleting of accounts allowed (keep the user's profile information, but anomalize the account to the public)
Profile deleting of accounts allowed (this would delete all information of that user's profile but keep important content to the forum like posts (anomalized))
Complete removal of accounts allowed (this would remove everything, including posts)

The last three should be deletion options for the user account as well from the user management in the ACP

Permission setting for users to delete their own accounts, global settings for the method of deleting and global allowing of deleting
+1
User avatar
imkingdavid
Registered User
Posts: 1050
Joined: Thu Jul 30, 2009 12:06 pm

Re: Delete self

Post by imkingdavid »

I have begun work on the patch. Nothing major yet, but it's a start.

I do have a question, which I edited into my last post but may have been missed: How do I add instructions for the creation of new default permissions and config values for the patch, since the patch only looks at the file edits themselves. I have tried looking through the install/ folder's files for where the permissions are created, but I don't see it.
I do custom MODs. PM for a quote!
View My: MODs | Portfolio
Please do NOT contact for support via PM or email.
Remember, the enemy's gate is down.
User avatar
imkingdavid
Registered User
Posts: 1050
Joined: Thu Jul 30, 2009 12:06 pm

Re: Delete self

Post by imkingdavid »

Eh, well I should update that I don't really have time to work on this at the moment. Anyone else is welcome to take this on. And I think this should be turned into an RFC by whoever does continue work on this instead of just leaving this in the Discussion area. :)
I do custom MODs. PM for a quote!
View My: MODs | Portfolio
Please do NOT contact for support via PM or email.
Remember, the enemy's gate is down.
User avatar
callumacrae
Former Team Member
Posts: 1046
Joined: Tue Apr 27, 2010 9:37 am
Location: England
Contact:

Re: Delete self

Post by callumacrae »

imkingdavid wrote:Eh, well I should update that I don't really have time to work on this at the moment. Anyone else is welcome to take this on. And I think this should be turned into an RFC by whoever does continue work on this instead of just leaving this in the Discussion area. :)
I didn't know how to make RFCs :/

~Callum
Made by developers, for developers!
My blog
User avatar
A_Jelly_Doughnut
Registered User
Posts: 1780
Joined: Wed Jun 04, 2003 4:23 pm

Re: Delete self

Post by A_Jelly_Doughnut »

I would suggest that if you want to have a "soft-deleted" user, you wait for the soft-deleted post feature to get checked in.

(With any luck, there will be at least some kind of partial commit from me today - yay for Git, which brings us nice things)
A_Jelly_Doughnut
User avatar
A_Jelly_Doughnut
Registered User
Posts: 1780
Joined: Wed Jun 04, 2003 4:23 pm

Re: Delete self

Post by A_Jelly_Doughnut »

callumacrae wrote: I didn't know how to make RFCs :/
An RFC is essentially a detailed proposal.

So a topic for discussion would have an OP like this:
I think phpBB should have the ability for a user to delete his user account. This would make things more kosher, legally
An RFC would be much longer (several paragraphs) and would describe each aspect of a feature to at least some extent.
A_Jelly_Doughnut
Post Reply