(Note: this won't include any changes to the navbar for profiles)
Bare minimum we need to start with:
[x] Button and functionality to anonymise account. (GDPR) [1 Day]
[x] Button to download all data we have of the user, in JSON to start with. (GDPR) [2 Days]
[x] Ability to request a password change. [1 Day]
Regarding anonymisation:
[x] Send email informing request to anonymise data to all emails under the user's contact.
[x] Set all fields in the user's contact to N/A where possible, except for the name which should be set to "Anonymised contact".
[x] Remove all phone numbers, email addresses, and relationships.
[x] Mark user's contact object as anonymous, so the various systems will no longer show it.
[x] [The above things should be a standard part of the Contact manager service]
[x] Replace username with a hashed version, or just something random (making sure to check it's unique).
[x] Set password hash to all 0s, prevent login attempts in the event someone somehow manages to get the replacement username right.
[x] Reset all fields in the UserPrivacy object for the user.
[x] Invalidate current session token.
[x] Remove user's role.
Regarding downloading data, create a JSON file including:
[x] All fields in the User, UserPrivacy, and UserLoginInfo objects.
[x] All fields in the User's Contact object.
[x] The full information of any holdings the user's contact is an owner of.
[x] The full information of any ActionAgainstContactInfo that includes the user's contact.
[x] The name of any Animal that the user's contact is an owner of.
[x] The name of any Breed that uses the user's contact as it's BreedSociety
Password Reset:
[x] User presses 'Change Password' button either on login screen or profile page.
[x] User is prompted for an email address. This email address must exist under their contact information, otherwise it will be rejected.
[x] Token is generated and emailed to the specified address.
[x] Link sent to the user will then ask them to type in a new password, and confirm the new password.
[x] If successful, send an email out to all emails attached to the contact informing of the password reset.
P.S Even though the issue is 8 days old as of me writing this edit, this is technically only the 4th day I've spent time on it.
(Note: this won't include any changes to the navbar for profiles)
Bare minimum we need to start with:
Regarding anonymisation:
Regarding downloading data, create a JSON file including:
Password Reset: