LEGAL: Store User IP

[tiblu]

We have to connect every inserted text with IP so it could be given out if necessary. There are different ways to do so. a) We alter all data tables with IP fields and add IP with every insertion b) We alter Users with IP and update on every login or status check if IP changes c) We create new sessions table where we store session info: userId, IP

[ilmartyrk]

Going to choose option a). We only need to add IP to the tables that store data, that means that we don't have to add IP to the relations tables eg. TopicVotes. It also means that the IP stored is really the IP where the data came at that point of time. Option b) would update users IP after every login so it would be impossible to connect it with historical data when the IP changes. Option c) We would start handling session ends and start times to match it with data inserted.

[tiblu]

@ilmartyrk What if we stored the IP with an Activity instead? Every data modification does create an activity? This solution would save us from modifying every table, but just adding IP to stored Activity-s JSON or table structure? That would only work IF every place we create an activity actually has the IP available.

[ilmartyrk]

@tiblu, jep that sounds even more logical. Will check for any possible failure points and if everything is OK will only alter Activities table

[KatiVellak]

Legally reviewed, during the discussions legal input provided.