There is no way to disable account deletion in the Account MFE #189
Comments
regisb
added
affects:nutmeg
bug
|
I am probably missing a lot of context in here, but based on the origins of the flag ENABLE_ACCOUNT_DELETION in PR and in order to be GDPR compliant on the 'Right to be forgotten' I do not believe this is a bug. Missing the possibility of disabling account deletion looks like a intentional decision? Again I do not have full context. |
I think that we should go with option 2. For instance, account deletion could be disabled outside of Europe or in private Open edX instances. |
|
You need to consult with the Legal about this issue. That's because many jurisdictions around the world have laws similar to GDPR which stipulates that a user must be able to delete the account at any moment. |
|
There are some cases where user account deletion should be deactivated. For instance when running a private instance of Open edX inside a company. In such cases GDPR does not apply. The default should be to allow account deletion (according to GDPR) but platform administrators should be able to deactivate this feature (IMHO). |
|
Hello I'm keen on picking up the above issue, any objections? Thank you |
|
Apologies team, I no longer have the bandwidth to contribute! |
|
Hi! |
|
I have take some time to learn more about the project, and i have some questions about the issue. |
|
I have some questions about the solution for this issue. Please read the post in the forum. |
|
Hi @JonasBM, thanks for your contribution! I see you opened a PR in account MFE that was already approved. Let us know when it's merged! Also, there was also a fix in the backend, can you link the PR for that one as well? Thanks! |
|
Hi @mariajgrimaldi Someone asked to contribute to the backend issue, but looks like he is not gonna fix it. I will try to make a PR to fix the backend this week, so maybe we can close this issue. |
|
@mariajgrimaldi the PR was merged on the MFE. Regarding the backend part, @kiran1415 seems to be taking care of it. |
|
Great! Thank you @JonasBM 🥳 |
|
Hi, this could be marked as complete because it depends on these two PRs: I already tested it and it works perfectly 😄 Pdt: this PR is already in quince so if we backport this one it could also be available in quince.master I remain attentive to your recommendations |
|
Thank you so much for helping us out, @DonatoBD! I'll close this now. If any other issue arises, a new ticket should be opened. |
In the legacy account view from edx-platform, it was possible to remove the possibility of account deletion by defining the ENABLE_ACCOUNT_DELETION feature flag:
Source:
https://edx.readthedocs.io/projects/edx-platform-technical/en/latest/featuretoggles.html#featuretoggle-FEATURES%5B'ENABLE_ACCOUNT_DELETION'%5D
https://github.com/openedx/edx-platform/blob/20de3c71b4951472947917d2388e8412f53f6bcc/openedx/core/djangoapps/user_api/accounts/settings_views.py#L142
Now, in the frontend-app-account MFE, this feature flag seems to be ignored: https://github.com/openedx/edx-platform/blob/20de3c71b4951472947917d2388e8412f53f6bcc/openedx/core/djangoapps/user_api/accounts/settings_views.py#L74
As a consequence, it is no longer possible to disable account deletion.
This issue was detected following this conversation: https://discuss.openedx.org/t/some-feature-toggles-dont-work/7635
The text was updated successfully, but these errors were encountered: