Merge pull request #9947 from Hudell/right-to-be-forgotten

[NEW] GDPR Right to be forgotten/erased
RocketChat · Mar 26, 2018 · b8da215 · b8da215
2 parents eee685f + 7381814
commit b8da215
Show file tree

Hide file tree

Showing 5 changed files with 59 additions and 2 deletions.
diff --git a/packages/rocketchat-i18n/i18n/en.i18n.json b/packages/rocketchat-i18n/i18n/en.i18n.json
@@ -512,6 +512,9 @@
   "Delete_my_account": "Delete my account",
   "Delete_Room_Warning": "Deleting a room will delete all messages posted within the room. This cannot be undone.",
   "Delete_User_Warning": "Deleting a user will delete all messages from that user as well. This cannot be undone.",
+  "Delete_User_Warning_Keep": "The user will be deleted, but their messages will remain visible. This cannot be undone.",
+  "Delete_User_Warning_Delete": "Deleting a user will delete all messages from that user as well. This cannot be undone.",
+  "Delete_User_Warning_Unlink": "Deleting a user will remove the user name from all their messages. This cannot be undone.",
   "Deleted": "Deleted!",
   "Department": "Department",
   "Department_removed": "Department removed",
@@ -1278,6 +1281,11 @@
   "Message_DateFormat_Description": "See also: <a href=\"http://momentjs.com/docs/#/displaying/format/\" target=\"momemt\">Moment.js</a>",
   "Message_deleting_blocked": "This message cannot be deleted anymore",
   "Message_editing": "Message editing",
+  "Message_ErasureType" : "Message Erasure Type",
+  "Message_ErasureType_Description" : "Determine what to do with messages of users who remove their account.",
+  "Message_ErasureType_Keep" : "Keep Messages and User Name",
+  "Message_ErasureType_Delete" : "Delete All Messages",
+  "Message_ErasureType_Unlink" : "Remove Link Between User and Messages",
   "Message_GlobalSearch": "Global Search",
   "Message_GroupingPeriod": "Grouping Period (in seconds)",
   "Message_GroupingPeriodDescription": "Messages will be grouped with previous message if both are from the same user and the elapsed time was less than the informed time in seconds.",
@@ -1596,6 +1604,7 @@
   "Remove_last_admin": "Removing last admin",
   "Remove_someone_from_room": "Remove someone from the room",
   "Removed": "Removed",
+  "Removed_User": "Removed User",
   "Reply": "Reply",
   "Report_Abuse": "Report Abuse",
   "Report_exclamation_mark": "Report!",

diff --git a/packages/rocketchat-lib/server/functions/deleteUser.js b/packages/rocketchat-lib/server/functions/deleteUser.js
@@ -3,7 +3,19 @@ RocketChat.deleteUser = function(userId) {
 
 	// Users without username can't do anything, so there is nothing to remove
 	if (user.username != null) {
-		RocketChat.models.Messages.removeByUserId(userId); // Remove user messages
+		const messageErasureType = RocketChat.settings.get('Message_ErasureType');
+
+		switch (messageErasureType) {
+			case 'Delete' :
+				RocketChat.models.Messages.removeByUserId(userId);
+				break;
+			case 'Unlink' :
+				const rocketCat = RocketChat.models.Users.findById('rocket.cat').fetch()[0];
+				const nameAlias = TAPi18n.__('Removed_User');
+				RocketChat.models.Messages.unlinkUserId(userId, rocketCat._id, rocketCat.username, nameAlias);
+				break;
+		}
+
 		RocketChat.models.Subscriptions.db.findByUserId(userId).forEach((subscription) => {
 			const room = RocketChat.models.Rooms.findOneById(subscription.rid);
 			if (room) {

diff --git a/packages/rocketchat-lib/server/models/Messages.js b/packages/rocketchat-lib/server/models/Messages.js
@@ -500,6 +500,22 @@ RocketChat.models.Messages = new class extends RocketChat.models._Base {
 		return this.update(query, update);
 	}
 
+	unlinkUserId(userId, newUserId, newUsername, newNameAlias) {
+		const query = {
+			'u._id': userId
+		};
+
+		const update = {
+			$set: {
+				'alias': newNameAlias,
+				'u._id': newUserId,
+				'u.username' : newUsername,
+				'u.name' : undefined
+			}
+		};
+
+		return this.update(query, update, { multi: true });
+	}
 
 	// INSERT
 	createWithTypeRoomIdMessageAndUser(type, roomId, message, user, extraData) {

diff --git a/packages/rocketchat-lib/server/startup/settings.js b/packages/rocketchat-lib/server/startup/settings.js
@@ -1353,6 +1353,23 @@ RocketChat.settings.addGroup('Message', function() {
 		'public': true,
 		alert: 'This feature is currently in beta and could decrease the application performance! Please report bugs to github.com/RocketChat/Rocket.Chat/issues'
 	});
+
+	this.add('Message_ErasureType', 'Delete', {
+		type: 'select',
+		'public': true,
+		values: [
+			{
+				key: 'Keep',
+				i18nLabel: 'Message_ErasureType_Keep'
+			}, {
+				key: 'Delete',
+				i18nLabel: 'Message_ErasureType_Delete'
+			}, {
+				key: 'Unlink',
+				i18nLabel: 'Message_ErasureType_Unlink'
+			}
+		]
+	});
 });
 
 RocketChat.settings.addGroup('Meta', function() {

diff --git a/packages/rocketchat-ui-flextab/client/tabs/userActions.js b/packages/rocketchat-ui-flextab/client/tabs/userActions.js
@@ -402,9 +402,12 @@ export const getActions = function({ user, directActions, hideAdminControls }) {
 			icon : 'trash',
 			name: 'Delete',
 			action: prevent(getUser, ({_id}) => {
+				const erasureType = RocketChat.settings.get('Message_ErasureType');
+				const warningKey = `Delete_User_Warning_${ erasureType }`;
+
 				modal.open({
 					title: t('Are_you_sure'),
-					text: t('Delete_User_Warning'),
+					text: t(warningKey),
 					type: 'warning',
 					showCancelButton: true,
 					confirmButtonColor: '#DD6B55',