After reading the posts, I would like to try to summarize the inputs
-
I believe it is an important function to allow users to remove their account (and their personal information) from any site they have created. The issue of content created by a user is more problematic and is addressed below. I recognize there isn’t universal agreement on this, that is why this is proposed as an optional add on product.
-
A user should be able to delete their account and, at a minimum, their personal information and stop receiving any messages from any Plone site. This account deletion should be final. To me, this is a privacy issue. Again, personal opinion; however, I don’t see any reason why a person shouldn’t be able to remove themselves.
-
A user will delete themselves as follows:
a. Log in
b. In the flyout next to their name, This will be added: “Delete Account”
c. If selected, this happens: a) require to log in again (this would be a nice touch, if not too difficult); b) text box explaining your account and personal information will be deleted (we may want to explain about what happens to content (deleted or not). Continue Y/N
d. If yes, I assume the user is logged out and the deletion happens (not a programmer, so just a guess). The user account is permanently deleted. -
The content the user created is more problematic as to who owns, and thus who can delete it. Since Plone has broad uses in many countries, there will never be agreement on this issue, so a configlet with options is required.
e. To handle content retention/deletion, there would be a configlet with the options:
i. “Will users have option to delete their content during account deletion? Yes/No” (Note: if no, then issue of orphaned content would have to be handled, maybe by using the ‘user_deleted’ approach. 2) if user won’t be allowed to delte their created content, this should be clearly stated during the sign up process.
ii. If yes to above, do you want content deleted permanently or automatically assigned to ‘user_deleted’? (Radio button to choose) (Note: either option will prevent orphaned content, which should not allowed as it isn’t good site practice.)
iii. If “assigned to ‘user_deleted’ chosen, should the content be moved back to Private state to run through approval process again? Y/N
(Note: the purpose here is to ensure the content will go through the site approval process to determine if it is still relevant/appropriate for the site.
The wording/functionality on the configlet obviously needs work, but I think the intent is clear.
I believe this would allow users to control their personal information; however, give site admins the option to control content created for the site. Thus, sites could allow users to completely control their created content (allow them to delete it) or take control of the content, viewing it as property of the site. Allowing this option removes the debate over privacy, which varies widely across the world. (Note: this issue of who controls the content could be fully addressed to the prospective user during account creation.)
Does this sum up the issue?
Note: I looked at: Delete user that created content