Status

P3
normal
RESOLVED INVALID
7 years ago
5 years ago

People

(Reporter: openjck, Unassigned)

Tracking

Details

(Whiteboard: [type:feature])

Comment hidden (empty)
(Reporter)

Updated

7 years ago
Priority: -- → P2

Updated

6 years ago
Blocks: 756266
Priority: P2 → P3

Updated

6 years ago
Depends on: 671782

Updated

6 years ago
No longer blocks: 756266

Updated

6 years ago
Blocks: 756266
Deleting a user object outright creates serious risk of DB integrity errors. A revision, for example, has a Foreign Key pointing to the Users table, identifying its author. (Actually, it has 2, one for its author and one for its approver). Deleting the user can quickly produce a FK cascade, if a user has created revisions that other revisions are based on, etc. And thanks to the Document.current_revision circular FK constraint, you can, in fact, end up deleting entire documents and all their history.

Scrubbing all personalized data, including the profile, email address, password hash, etc, is safer. And the user's data is as effectively gone as if we'd deleted the table row completely, as those overwrites are non-recoverable.
(Assignee)

Updated

6 years ago
Version: Kuma → unspecified
(Assignee)

Updated

6 years ago
Component: Website → Landing pages
Product: Mozilla Developer Network → Mozilla Developer Network
(Reporter)

Updated

6 years ago
No longer blocks: 756266
In the time since comment 1, I've spoken with Tom from Privacy about this. We have a set of recommendations that are sufficient, from their point of view. I'll dig them up and add them here when I can.

Updated

6 years ago
Whiteboard: u=administrator c=siteadmin p= → feature request; u=administrator c=siteadmin p=
(Reporter)

Updated

5 years ago
Whiteboard: feature request; u=administrator c=siteadmin p= → [type:feature]
(Reporter)

Updated

5 years ago
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.