Bug 51110

Summary: Account deregistration
Product: UCS Reporter: Johannes Keiser <keiser>
Component: Self ServiceAssignee: Johannes Keiser <keiser>
Status: CLOSED FIXED QA Contact: Florian Best <best>
Severity: normal    
Priority: P5 CC: best, hahn
Version: UCS 4.4   
Target Milestone: UCS 4.4-4-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: Feature Request What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:

Description Johannes Keiser univentionstaff 2020-04-16 10:32:07 CEST 
A user should be able to 'delete' his account via the "Your profile" page of the Self Service.

The feature can be activated via a UCR variable (default: deactivated)

The account will not be directly deleted instead:
set disabled attribute to True
set new attribute "self deregistered" to True
set new attribute "deregistration timestamp"

Add a script (cron job) that deletes users whose "deregistration timestamp" is older
then specified time period
Comment 1 Johannes Keiser univentionstaff 2020-04-16 11:49:08 CEST 
Branch: jkeiser/4.4-4/selfservice_deregistration
Branchtest: http://jenkins.knut.univention.de:8080/job/UCS%20Branch%20Test/343/
Comment 2 Florian Best univentionstaff 2020-04-20 18:13:50 CEST 
Security issue: Via the web interface you can enter any user name and get a new verification token sent to you. The e-mail address of the user is shown in the corresponding notification.

Permissions:
# ls -l /usr/share/univention-self-service/delete_deregistered_accounts.py
-rw-r--r-- 1 root root 5574 Apr 20 11:52 /usr/share/univention-self-service/delete_deregistered_accounts.py
→ Missing +x flags


Typo of the path in the documentation:
+                               Der <foreignphrase>Self Service</foreignphrase> stellt unter <filename>/usr/share/univention-self-service/delete_deregistred_accounts.py</filename>

"deregistred"
Comment 3 Johannes Keiser univentionstaff 2020-04-21 14:56:40 CEST 
(In reply to Florian Best from comment #2)
> Security issue: Via the web interface you can enter any user name and get a
> new verification token sent to you. The e-mail address of the user is shown
> in the corresponding notification.

Will be fixed with a different user story

> Permissions:
> # ls -l /usr/share/univention-self-service/delete_deregistered_accounts.py
> -rw-r--r-- 1 root root 5574 Apr 20 11:52
> /usr/share/univention-self-service/delete_deregistered_accounts.py
> → Missing +x flags
> 
> 
> Typo of the path in the documentation:
> +                               Der <foreignphrase>Self
> Service</foreignphrase> stellt unter
> <filename>/usr/share/univention-self-service/delete_deregistred_accounts.py</
> filename>
> 
> "deregistred"

f65a600b7e Bug #51110: yaml                                                                                                                                                                                                                  
452c7c1309 Bug #51110: Merge branch 'jkeiser/4.4-4/selfservice_deregistration' into 4.4-4
95252f328b Bug #51110: users can now deregister their accounts


Successful build
Package: univention-management-console
Version: 11.0.4-63A~4.4.0.202004211448
Branch: ucs_4.4-0

Successful build
Package: univention-self-service
Version: 4.0.3-22A~4.4.0.202004211451
Branch: ucs_4.4-0
Comment 4 Florian Best univentionstaff 2020-04-22 12:56:19 CEST 
OK: fix
OK: yaml
Comment 6 Philipp Hahn univentionstaff 2020-04-27 17:30:21 CEST 
git:95252f328ba broke the documentation:
> handbuch-4.4.xml:1183: <section> without @id: Selbst-Deregistrierung
> manual-4.4.xml:1139: <section> without @id: Self deregistration

[4.4-4] 143617b88f Bug #51110 doc: Fix user deregistration DocBook
 doc/manual/user-management-de.xml | 16 ++++++++--------
 doc/manual/user-management-en.xml |  8 ++++----
 2 files changed, 12 insertions(+), 12 deletions(-)