DELETE User to anonymize all relevant Activity data

[tiblu]

What is the problem?

When a User deletes account we want to anonymize/delete ALL data related to that User.

Why is this a problem?

When deleting a User, we still have User data in Activities table.

Examples include Activities with context:

• POST /api/auth/signup - contains email etc.
• GET /api/auth/google/callback - contains email, Google account ID etc.
• GET /api/auth/facebook/callback - contains email, Facebook account ID etc.
• GET /api/auth/id - contains full name.
• GET /api/auth/mobile/status - contains full name.
• GET /api/auth/smartid/status - contains full name.
• ....

Possible solution.

• [x] Go through Activites and find all cases where User info is stored in an Activty
• [ ] Implement anonymizing of the Activites when User account is deleted.

Related to:

• https://github.com/citizenos/citizenos-fe/issues/318
• https://github.com/citizenos/citizenos-api/issues/102

[anettlinno]

Triage 60. Est. dev. time 8 hours. Sending to development.

[tiblu]

Progress

• Had a discussion with @ilmartyrk in Slack that we MOST PROBABLY do not need User info other than ID stored in an Activity.
• We MUST also look at places where:
  • User IP is present
  • User PID is present (UserConnection)

[ilmartyrk]

Updated activities, removed all personal information like "connectionUserId" and "connectionData" from "userConnection" Activities, also removed email from activities. We now don't have to delete any data from "Activities" tabel when user deletes their account, IPs will be handled in different way as we will be storing these for longer time as per Privacy policy