This is an attempt to implement a [facebook data deletion 
callback](https://developers.facebook.com/docs/development/create-an-app/app-dashboard/data-deletion-callback/).

Currently every so often (it used to be every few months but has now reduced to 
once a week or so) we will get an email from Facebook asking us to download a 
list of IDs for users that have asked to delete their data and apply those 
deletions and doing that manually is obviously rather tedious.

The alternative is to implement an HTTP endpoint as described in that document, 
which is what this tries to do.

There are a number of obvious questions, starting with what data exactly do 
they expect us to delete? As we only use the name and email to populate 
defaults on the signup form which are then confirmed directly to us by the user 
I've take it to mean just the facebook ID that links the accounts.

The second complication is that the whole things seems to assume that 
you'll have to do the deletion as a background job so you need to provide a 
URL by return that the user can use to monitor the process. I've chose to 
just return a URL that says done but with a signed copy of the ID and deletion 
time as a parameter so we can say what we did and when.

I'm sure there's probably improvements that could be made so I'm 
open to all suggestions!
You can view, comment on, or merge this pull request online at:

  https://github.com/openstreetmap/openstreetmap-website/pull/7093

-- Commit Summary --

  * Use scopes to group omniauth routes
  * Implement facebook data deletion request callback

-- File Changes --

    M app/abilities/ability.rb (1)
    A app/controllers/accounts/auth_deletions_controller.rb (51)
    A app/views/accounts/auth_deletions/create.json.jbuilder (5)
    A app/views/accounts/auth_deletions/show.html.erb (7)
    M config/locales/en.yml (4)
    M config/routes.rb (13)
    A test/controllers/accounts/auth_deletions_controller_test.rb (113)

-- Patch Links --

https://github.com/openstreetmap/openstreetmap-website/pull/7093.patchhttps://github.com/openstreetmap/openstreetmap-website/pull/7093.diff
-- 
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/7093
You are receiving this because you are subscribed to this thread.

Message ID: <openstreetmap/openstreetmap-website/pull/[email protected]>
_______________________________________________
rails-dev mailing list
[email protected]
https://lists.openstreetmap.org/listinfo/rails-dev

Reply via email to