Hi everyone. I will be away today and tomorrow but I will plan to look at this upon my return.
Thanks! Dan On Thu, May 10, 2018 at 9:19 PM, Maxim Solodovnik <[email protected]> wrote: > Thanks again Daniel, > > I believe all external links should be removed > > What is different: > We are > 1) not tracking user activity > 2) not adding custom images to check if email was delivered > 3) using email to invite user or notify about event > 4) language/country is used to display OM in user native language > 5) not processing data > > do collecting IP addresses on temporary basis > for logging - to be able to understand what was wrong - being cleaned up > after configurable period > > something like this > > On Fri, May 11, 2018 at 12:10 AM, Daniel Ascher <[email protected]> > wrote: > >> No problem Maxim. I can do that. The only thing I need to know is what >> will be different for OpenMeetings. For example there are many links in the >> document that would need to point to something. >> >> I will take a look and then let you know which questions I have. Also, if >> there is someone who is an attorney in this usergroup it would be helpful >> for me to work with that person, even if he/she is not a native English >> speaker. >> >> Dan >> >> On Thu, May 10, 2018 at 12:54 PM, Maxim Solodovnik <[email protected]> >> wrote: >> >>> Thanks a lot Daniel, >>> >>> Maybe you can create basic "Privacy Statement" based on this [1] one >>> (public domain) >>> And we can polish it in mailing list? >>> >>> I definitely wrong person for this :(( >>> >>> [1] https://help.github.com/articles/github-privacy-statement/ >>> >>> On Thu, May 10, 2018 at 11:44 PM, Daniel Ascher <[email protected]> >>> wrote: >>> >>>> Sure! Happy to help with this. :) >>>> >>>> Please send me the text once it's ready and I'll review it and discuss >>>> issues with the group. >>>> >>>> Thanks! Dan >>>> >>>> On Thu, May 10, 2018 at 12:36 PM, Maxim Solodovnik < >>>> [email protected]> wrote: >>>> >>>>> Hello Peter, All, >>>>> >>>>> Just have added link to privacy policy to register dialog (available >>>>> at upcoming build, will update demo ASAP) >>>>> >>>>> Would appreciate is *Native English Speaker* can help with English >>>>> privacy statement >>>>> I'll try to create one based on this [1], but I would strongly prefer >>>>> to get help with this task >>>>> >>>>> @Daniel, maybe you can help? >>>>> >>>>> According to restoration of deleted user, I'll try to invent something >>>>> .... (don't like the idea of adding additional "purged" flag) >>>>> >>>>> [1] https://help.github.com/articles/github-privacy-statement/ >>>>> >>>>> On Thu, Apr 26, 2018 at 7:12 PM, Peter Dähn <[email protected]> wrote: >>>>> >>>>>> Hi Maxim, >>>>>> >>>>>> I've tested the current state. Seems to be done so far. One little >>>>>> thing I hope... When I choose a purged user I have the possibility >>>>>> (button) >>>>>> to restore that account. Db will be set deleted false... Doesn't make >>>>>> sense, I think. >>>>>> >>>>>> Purge themselves is a way to disagree (I didn't see it till now...), >>>>>> I think. But a few more clicks are needed to get to that point... But I >>>>>> think this is ok as long as nobody complain about it. This function need >>>>>> to >>>>>> be described in the privacy policy. I hope thats it... >>>>>> >>>>>> Almost all done? Maybe someone else could also test this. >>>>>> >>>>>> Do you mean the a sample privacy policy here? *"And maybe you can >>>>>> provide sample "personal data agreement" text?"* >>>>>> >>>>>> I think at least for english... This is a task for a native >>>>>> speaker... In UK they also need to be compliant with GDPR. Maybe someone >>>>>> from there could provide some text. >>>>>> >>>>>> Greetings Peter >>>>>> >>>>>> >>>>>> Am 26.04.2018 um 12:04 schrieb Maxim Solodovnik: >>>>>> >>>>>> As per current implementation users can purge themselves >>>>>> This can't be undone .... >>>>>> >>>>>> Is this "a way to disagree" ? >>>>>> >>>>>> On Thu, Apr 26, 2018 at 2:35 PM, Peter Dähn <[email protected]> wrote: >>>>>> >>>>>>> Hi Maxim, >>>>>>> >>>>>>> I will test it during the day.... >>>>>>> >>>>>>> Yes you are right... This need to be done during registration. >>>>>>> checkbox and link to the privacy policy that need to be placed >>>>>>> somewhere. >>>>>>> >>>>>>> Agreement for data processing need to be double opt-in. Most likely >>>>>>> via E-Mail. I think an e-mail template that could be changed easily is >>>>>>> the >>>>>>> most flexible way. >>>>>>> >>>>>>> And there should a way to disagree further data-processing. "The way >>>>>>> to disagree need to be as easy as the way to agree"... My understanding: >>>>>>> that would be our "soft delete"... If this is used, there should be a >>>>>>> way >>>>>>> for the user to reactivate this account. E.g. check registration e-mail >>>>>>> and >>>>>>> if it is soft deleted the registration confirm e-mail could have the >>>>>>> option >>>>>>> to reactivate the old account or generate a new one >>>>>>> >>>>>>> Back later, when I've tested current build >>>>>>> Greetings Peter >>>>>>> >>>>>>> >>>>>>> >>>>>>> Am 26.04.2018 um 08:09 schrieb Maxim Solodovnik: >>>>>>> >>>>>>> All your comments should be addressed in latest build available >>>>>>> >>>>>>> Could you please re-check? >>>>>>> >>>>>>> This question was not answered ..... >>>>>>> >>>>>>> Additional question: >>>>>>> "Registration-Dialog need to have a button/step to agree the data >>>>>>> processing. And to this belongs a button to disagree." >>>>>>> >>>>>>> I guess user should be able to register only if he/she agree to data >>>>>>> processing >>>>>>> Registration should be impossible if user disagree >>>>>>> So I guess having following controls at registration dialog would be >>>>>>> sufficient: >>>>>>> >>>>>>> 1) "I agree my data will be processed" checkbox >>>>>>> 2) "display agreement" button >>>>>>> >>>>>>> would it be OK? >>>>>>> >>>>>>> On Wed, Apr 25, 2018 at 6:16 PM, Maxim Solodovnik < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> These errors seems to be caused by code changes after testing :( >>>>>>>> I'll double-check it >>>>>>>> >>>>>>>> IP addresses are cleaned up by periodic job. >>>>>>>> Will also add clean by purge >>>>>>>> Thanks for checking! >>>>>>>> >>>>>>>> WBR, Maxim >>>>>>>> (from mobile, sorry for the typos) >>>>>>>> >>>>>>>> On Wed, Apr 25, 2018, 17:33 Peter Dähn <[email protected]> wrote: >>>>>>>> >>>>>>>>> Hi Maxim, >>>>>>>>> >>>>>>>>> first test... >>>>>>>>> >>>>>>>>> purge confirmation dialogue should be different from delete... >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> maybe "Do you really want to purge this item? This can't be >>>>>>>>> undone!" Something like that... >>>>>>>>> >>>>>>>>> After purge I got an 500 internal error page... >>>>>>>>> >>>>>>>>> openmeetings.log: >>>>>>>>> >>>>>>>>> *ERROR 04-25 12:05:13.708 o.a.w.DefaultExceptionMapper:170 >>>>>>>>> [nio-5080-exec-3] - Unexpected error occurred* >>>>>>>>> *java.lang.NullPointerException: zoneId* >>>>>>>>> * at java.util.Objects.requireNonNull(Objects.java:228)* >>>>>>>>> * at java.time.ZoneId.of(ZoneId.java:311)* >>>>>>>>> * at >>>>>>>>> org.apache.openmeetings.util.CalendarHelper.getZoneId(CalendarHelper.java:30)* >>>>>>>>> * at >>>>>>>>> org.apache.openmeetings.util.CalendarHelper.getZoneDateTime(CalendarHelper.java:43)* >>>>>>>>> * at >>>>>>>>> org.apache.openmeetings.util.CalendarHelper.getDate(CalendarHelper.java:47)* >>>>>>>>> * at org.apache.openmeetings.web.co >>>>>>>>> <http://org.apache.openmeetings.web.co>mmon.GeneralUserForm.updateModelObject(GeneralUserForm.java:173)* >>>>>>>>> * at org.apache.openmeetings.web.ad >>>>>>>>> <http://org.apache.openmeetings.web.ad>min.users.UserForm.onModelChanged(UserForm.java:198)* >>>>>>>>> * at org.apache.wicket.Component.mo >>>>>>>>> <http://org.apache.wicket.Component.mo>delChanged(Component.java:2143)* >>>>>>>>> * at org.apache.wicket.Component.se >>>>>>>>> <http://org.apache.wicket.Component.se>tDefaultModelObject(Component.java:3026)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.IGenericComponent.setModelObject(IGenericComponent.java:81)* >>>>>>>>> * at org.apache.openmeetings.web.ad >>>>>>>>> <http://org.apache.openmeetings.web.ad>min.users.UserForm.updateForm(UserForm.java:266)* >>>>>>>>> * at org.apache.openmeetings.web.ad >>>>>>>>> <http://org.apache.openmeetings.web.ad>min.users.UserForm.purgeUser(UserForm.java:240)* >>>>>>>>> * at org.apache.openmeetings.web.ad >>>>>>>>> <http://org.apache.openmeetings.web.ad>min.users.UserForm.onPurgeSubmit(UserForm.java:214)* >>>>>>>>> * at org.apache.openmeetings.web.ad >>>>>>>>> <http://org.apache.openmeetings.web.ad>min.AdminBaseForm$1.onPurgeSubmit(AdminBaseForm.java:75)* >>>>>>>>> * at org.apache.openmeetings.web.co >>>>>>>>> <http://org.apache.openmeetings.web.co>mmon.FormActionsPanel$3.onSubmit(FormActionsPanel.java:93)* >>>>>>>>> * at org.apache.openmeetings.web.co >>>>>>>>> <http://org.apache.openmeetings.web.co>mmon.ConfirmableAjaxBorder.lambda$new$5f39bb3f$1(ConfirmableAjaxBorder.java:74)* >>>>>>>>> * at org.apache.openmeetings.web.co >>>>>>>>> <http://org.apache.openmeetings.web.co>mmon.ConfirmableAjaxBorder$ConfirmableBorderDialog.onSubmit(ConfirmableAjaxBorder.java:196)* >>>>>>>>> * at >>>>>>>>> com.googlecode.wicket.jquery.ui.widget.dialog.AbstractFormDialog$DialogFormSubmitter.onSubmit(AbstractFormDialog.java:294)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1268)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.markup.html.form.Form.process(Form.java:963)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:787)* >>>>>>>>> * at >>>>>>>>> com.googlecode.wicket.jquery.ui.widget.dialog.AbstractFormDialog.internalOnClick(AbstractFormDialog.java:215)* >>>>>>>>> * at >>>>>>>>> com.googlecode.wicket.jquery.ui.widget.dialog.AbstractDialog$1.onClick(AbstractDialog.java:413)* >>>>>>>>> * at >>>>>>>>> com.googlecode.wicket.jquery.ui.widget.dialog.DialogBehavior.onAjax(DialogBehavior.java:188)* >>>>>>>>> * at >>>>>>>>> com.googlecode.wicket.jquery.core.ajax.JQueryAjaxBehavior.re >>>>>>>>> <http://ore.ajax.JQueryAjaxBehavior.re>spond(JQueryAjaxBehavior.java:173)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.ajax.AbstractDefaultAjaxBehavior.onRequest(AbstractDefaultAjaxBehavior.java:598)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.core.request.handler.ListenerRequestHandler.internalInvoke(ListenerRequestHandler.java:306)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.core.request.handler.ListenerRequestHandler.invoke(ListenerRequestHandler.java:280)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.core.request.handler.ListenerRequestHandler.invokeListener(ListenerRequestHandler.java:222)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.core.request.handler.ListenerRequestHandler.respond(ListenerRequestHandler.java:208)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:912)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.request.RequestHandlerExecutor.execute(RequestHandlerExecutor.java:65)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:283)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:253)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:221)* >>>>>>>>> * at org.apache.wicket.protocol.ws >>>>>>>>> <http://org.apache.wicket.protocol.ws>.AbstractUpgradeFilter.processRequestCycle(AbstractUpgradeFilter.java:70)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:204)* >>>>>>>>> * at >>>>>>>>> org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:286)* >>>>>>>>> * at >>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)* >>>>>>>>> * at >>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)* >>>>>>>>> * at >>>>>>>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)* >>>>>>>>> * at >>>>>>>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)* >>>>>>>>> * at >>>>>>>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:611)* >>>>>>>>> * at >>>>>>>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)* >>>>>>>>> * at >>>>>>>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)* >>>>>>>>> * at >>>>>>>>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:651)* >>>>>>>>> * at >>>>>>>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)* >>>>>>>>> * at >>>>>>>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)* >>>>>>>>> * at >>>>>>>>> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:407)* >>>>>>>>> * at >>>>>>>>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)* >>>>>>>>> * at >>>>>>>>> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:754)* >>>>>>>>> * at org.apache.tomcat.util.net >>>>>>>>> <http://org.apache.tomcat.util.net>.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1376)* >>>>>>>>> * at org.apache.tomcat.util.net >>>>>>>>> <http://org.apache.tomcat.util.net>.SocketProcessorBase.run(SocketProcessorBase.java:49)* >>>>>>>>> * at >>>>>>>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)* >>>>>>>>> * at >>>>>>>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)* >>>>>>>>> * at >>>>>>>>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)* >>>>>>>>> * at java.lang.Thread.run(Thread.java:745)* >>>>>>>>> >>>>>>>>> this error is also shown after choosing a purged user. Set >>>>>>>>> time_zone manually in db fixed it. >>>>>>>>> time_zone seems to be deleted while purging and then it causes the >>>>>>>>> error. >>>>>>>>> >>>>>>>>> om_user-table will be handled correctly. >>>>>>>>> conference_log preserves the ip-address >>>>>>>>> address-table preserves the address >>>>>>>>> chat-table preserves from_name >>>>>>>>> >>>>>>>>> Did I miss something? >>>>>>>>> >>>>>>>>> >>>>>>>>> Am 25.04.2018 um 09:00 schrieb Peter Dähn: >>>>>>>>> >>>>>>>>> Good morning Maxim, >>>>>>>>> >>>>>>>>> I was alone in the office these days... unfortunatly there were no >>>>>>>>> time left... But I red right in the moment the RUNNING.txt... all a >>>>>>>>> bit >>>>>>>>> different... ;-) >>>>>>>>> >>>>>>>>> I'm going to text it now... give me a bit time... ;-) >>>>>>>>> >>>>>>>>> Am 25.04.2018 um 04:41 schrieb Maxim Solodovnik: >>>>>>>>> >>>>>>>>> Good morning Peter :) >>>>>>>>> >>>>>>>>> were you able to take a look at this issue? >>>>>>>>> >>>>>>>>> On Mon, Apr 23, 2018 at 2:37 PM, Peter Dähn <[email protected]> >>>>>>>>> <[email protected]> wrote: >>>>>>>>> >>>>>>>>> Hi Maxim, >>>>>>>>> >>>>>>>>> I will have a look right now. >>>>>>>>> >>>>>>>>> Greetings Peter >>>>>>>>> >>>>>>>>> >>>>>>>>> Am 21.04.2018 um 18:17 schrieb Maxim Solodovnik: >>>>>>>>> >>>>>>>>> Hello Peter, >>>>>>>>> >>>>>>>>> this is partially implemented >>>>>>>>> Could you please test current implementation using latest nightly >>>>>>>>> build? >>>>>>>>> >>>>>>>>> And maybe you can provide sample "personal data agreement" text? >>>>>>>>> >>>>>>>>> On Wed, Apr 11, 2018 at 6:38 PM, Peter Dähn <[email protected]> >>>>>>>>> <[email protected]> wrote: >>>>>>>>> >>>>>>>>> I try... ;-) >>>>>>>>> >>>>>>>>> >>>>>>>>> Am 11.04.2018 um 13:11 schrieb Maxim Solodovnik: >>>>>>>>> >>>>>>>>> Will write it as a requirement, will see what can be done here >>>>>>>>> Thanks a lot for the quick answers! >>>>>>>>> >>>>>>>>> On Wed, Apr 11, 2018 at 5:34 PM, Peter Dähn <[email protected]> >>>>>>>>> <[email protected]> wrote: >>>>>>>>> >>>>>>>>> ip-address is now a private date... it have to be at least >>>>>>>>> anonymised >>>>>>>>> after 7 (maybe 14 days)... ipv4 addresses delete last 8 >>>>>>>>> recommended 16 >>>>>>>>> bit >>>>>>>>> (192.168.123.0 or 192.168.0.0) and ipv6 preserve first 48 -8 or >>>>>>>>> better >>>>>>>>> 16 >>>>>>>>> Bit (2a00:1234:56:: or 2a00:1234::) Maybe this could be done >>>>>>>>> automated >>>>>>>>> after >>>>>>>>> 7 Days? >>>>>>>>> >>>>>>>>> Greetings Peter >>>>>>>>> >>>>>>>>> Am 11.04.2018 um 09:31 schrieb Maxim Solodovnik: >>>>>>>>> >>>>>>>>> According "Hash algorithm" I planned to use random UUID >>>>>>>>> so All fields will look like this: >>>>>>>>> "Purged_54cd4426-1c0a-4ab8-bb35-eb6d26da99cf" >>>>>>>>> >>>>>>>>> Are you sure IP should be cleaned-up? There will be no chance to >>>>>>>>> "restore" >>>>>>>>> who was this user ..... >>>>>>>>> >>>>>>>>> On Wed, Apr 11, 2018 at 2:18 PM, Peter Dähn <[email protected]> >>>>>>>>> <[email protected]> wrote: >>>>>>>>> >>>>>>>>> Hi Maxim, >>>>>>>>> >>>>>>>>> I think this list is complete and you are right, this is a lot of >>>>>>>>> stuff. >>>>>>>>> >>>>>>>>> The option that you suggest sound much more feasible. From my >>>>>>>>> point of >>>>>>>>> few this should be enough. >>>>>>>>> >>>>>>>>> Hash algorithm need to be state of the art. IP-address in >>>>>>>>> ConferenceLog >>>>>>>>> need to be cleaned. >>>>>>>>> >>>>>>>>> I think this is a good way. >>>>>>>>> >>>>>>>>> Btw... is there is a way/setting to anonymize IP-adresses while >>>>>>>>> logging? >>>>>>>>> Otherwise I need to write a script to do so. Maybe I need to do it >>>>>>>>> anyway to >>>>>>>>> kick out usernames. Logfiles need to be delete after 7 (maybe 14) >>>>>>>>> days >>>>>>>>> or >>>>>>>>> they need to be without any userdata. >>>>>>>>> >>>>>>>>> Greetings Peter >>>>>>>>> >>>>>>>>> >>>>>>>>> Am 11.04.2018 um 06:43 schrieb Maxim Solodovnik: >>>>>>>>> >>>>>>>>> Hello Peter, >>>>>>>>> >>>>>>>>> Here is the high level list of what need to done to "hard delete" >>>>>>>>> user >>>>>>>>> from the system: >>>>>>>>> >>>>>>>>> delete user >>>>>>>>> delete all user contacts (also users, so we might have recursion >>>>>>>>> here) >>>>>>>>> delete user from all groups >>>>>>>>> delete user from room moderators >>>>>>>>> delete all appointments with owner == user >>>>>>>>> delete all calendars with owner == user >>>>>>>>> delete all meeting members in appointments where owner != user >>>>>>>>> delete all Private Messages where user is in to/from fields >>>>>>>>> delete all UserContact + Requests >>>>>>>>> delete all invitation sent by this user >>>>>>>>> delete all private rooms owned by this user >>>>>>>>> delete all user private files/recordings >>>>>>>>> delete all chat messages send/received by this user >>>>>>>>> clean email messages >>>>>>>>> clean all Polls/answers >>>>>>>>> >>>>>>>>> >>>>>>>>> This list scares me a lot :((( >>>>>>>>> >>>>>>>>> So let's discuss the option: "Mark user deleted and clean-up >>>>>>>>> sensitive >>>>>>>>> information" >>>>>>>>> >>>>>>>>> What I would propose: >>>>>>>>> >>>>>>>>> In Admin->User area >>>>>>>>> >>>>>>>>> display all users (deleted should be "read-only" with restore and >>>>>>>>> purge >>>>>>>>> options only) >>>>>>>>> add additional "Purge" button >>>>>>>>> In case Purge will be selected: >>>>>>>>> >>>>>>>>> User will be marked deleted >>>>>>>>> AsteriskSipUser and Address will be replaced with empty objects >>>>>>>>> User fields "age, externaluserid, firstname, lastname, login, >>>>>>>>> pictureuri" >>>>>>>>> will be replaced with "Purged_some_hash" >>>>>>>>> User profile picture will be deleted >>>>>>>>> ChatMessage: fromName will be replaced with "Purged User" >>>>>>>>> MailMessage: should be purged (some search by email will be >>>>>>>>> required) >>>>>>>>> >>>>>>>>> ConferenceLog right now contains userId+UserIp right now, so it is >>>>>>>>> 2 >>>>>>>>> numbers should it be cleaned up? >>>>>>>>> >>>>>>>>> SOAPLogin contains clientURL and doesn't contains userId, so it is >>>>>>>>> impossible to associate SoapLogin object with particular user >>>>>>>>> >>>>>>>>> >>>>>>>>> Would it be enough? >>>>>>>>> >>>>>>>>> >>>>>>>>> On Fri, Apr 6, 2018 at 4:21 PM, Peter Dähn <[email protected]> >>>>>>>>> <[email protected]> wrote: >>>>>>>>> >>>>>>>>> Hi Maxim, >>>>>>>>> >>>>>>>>> hard delete as only option would be the easiest way (for the >>>>>>>>> admin). >>>>>>>>> One >>>>>>>>> doesn't need to remind "hard delete" at a given time... I think it >>>>>>>>> need to >>>>>>>>> be implemented anyway. I thought just the ones that doesn't need >>>>>>>>> to >>>>>>>>> take >>>>>>>>> care about these regulation could keep things as they are now... >>>>>>>>> >>>>>>>>> Greetings Peter >>>>>>>>> >>>>>>>>> >>>>>>>>> Am 06.04.2018 um 10:09 schrieb Maxim Solodovnik: >>>>>>>>> >>>>>>>>> I'm afraid there will be no option to "final delete one record" >>>>>>>>> It will be: perform total clean-up and hard delete all soft >>>>>>>>> deleted >>>>>>>>> records >>>>>>>>> >>>>>>>>> Or better to perform: hard delete as the only option? >>>>>>>>> >>>>>>>>> On Fri, Apr 6, 2018 at 2:44 PM, Peter Dähn <[email protected]> >>>>>>>>> <[email protected]> wrote: >>>>>>>>> >>>>>>>>> Hi Maxim, >>>>>>>>> >>>>>>>>> "soft" and "final delete" should be enough I think... >>>>>>>>> >>>>>>>>> It just need to be "findable" and described for new admins that >>>>>>>>> provide the >>>>>>>>> service in the EU... >>>>>>>>> >>>>>>>>> jira in a second... >>>>>>>>> >>>>>>>>> Greetings Peter >>>>>>>>> >>>>>>>>> >>>>>>>>> Am 05.04.2018 um 17:47 schrieb Maxim Solodovnik: >>>>>>>>> >>>>>>>>> Hello Peter, >>>>>>>>> >>>>>>>>> This sounds like lots of new testing :( >>>>>>>>> Will try to find time and include it in 4.0.3/4.0.4 >>>>>>>>> >>>>>>>>> (have very limited time right now :( ) >>>>>>>>> Will appreciated any help with testing >>>>>>>>> >>>>>>>>> Would it be OK to perform "final delete" in clean-up widget? i.e. >>>>>>>>> delete will be "soft delete", then in if will push "Clean-up" all >>>>>>>>> soft >>>>>>>>> deleted data will be hard deleted ... >>>>>>>>> Or it doesn't worth to have both? only hard delete will be enough? >>>>>>>>> >>>>>>>>> On Thu, Apr 5, 2018 at 5:55 PM, Peter Dähn <[email protected]> >>>>>>>>> <[email protected]> wrote: >>>>>>>>> >>>>>>>>> Hey there, >>>>>>>>> >>>>>>>>> new privacy regulations will take place on the 25th May 2018 in >>>>>>>>> Europe. >>>>>>>>> You >>>>>>>>> could find informations about it by searching for General Data >>>>>>>>> Protection >>>>>>>>> Regulation (EU) 2016/679. >>>>>>>>> >>>>>>>>> To use openmeetings after the 25th of May (in Europe) there need >>>>>>>>> to >>>>>>>>> be a >>>>>>>>> few >>>>>>>>> changes. We use openmeetings integrated. So I will mainly be >>>>>>>>> focused >>>>>>>>> on >>>>>>>>> the >>>>>>>>> room. >>>>>>>>> >>>>>>>>> I have 3 points that are really necessary: >>>>>>>>> >>>>>>>>> 1. User deletion: Datasets of users that will be deleted need to >>>>>>>>> be >>>>>>>>> remove >>>>>>>>> from the database, not just marked as deleted. Probably it is >>>>>>>>> enough >>>>>>>>> to >>>>>>>>> hash >>>>>>>>> those fields. >>>>>>>>> >>>>>>>>> I think critical fields are in table: >>>>>>>>> >>>>>>>>> om_user -> age, externaluserid, firstname, >>>>>>>>> lastname, >>>>>>>>> login, >>>>>>>>> pictureuri (and picture itself) and sip_user_id >>>>>>>>> >>>>>>>>> conferencelog -> email, external_user_id, >>>>>>>>> firstname, >>>>>>>>> lastname, >>>>>>>>> user_id, userip >>>>>>>>> >>>>>>>>> soaplogin -> client_url (contains the ip-address) >>>>>>>>> >>>>>>>>> sipusers (here empty so please check) -> >>>>>>>>> defaultuser, >>>>>>>>> host, >>>>>>>>> ipaddr, name >>>>>>>>> >>>>>>>>> address -> email, fax, phone >>>>>>>>> >>>>>>>>> chat -> from_name >>>>>>>>> >>>>>>>>> e-mail_queue (if not empty) -> recipients, replyto >>>>>>>>> >>>>>>>>> 2. There need to be a place to place a (customized) privacy >>>>>>>>> policy. >>>>>>>>> >>>>>>>>> 3. Registration-Dialog need to have a button/step to agree the >>>>>>>>> data >>>>>>>>> processing. And to this belongs a button to disagree. >>>>>>>>> >>>>>>>>> >>>>>>>>> As far as I can see this need to be done in the first place. I'm >>>>>>>>> sure >>>>>>>>> there >>>>>>>>> are more things to do. Maybe someone can complete it. >>>>>>>>> >>>>>>>>> >>>>>>>>> Greetings Peter >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> WBR >>>>>>>>> Maxim aka solomax >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> WBR >>>>>>>>> Maxim aka solomax >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> WBR >>>>>>>>> Maxim aka solomax >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> WBR >>>>>>> Maxim aka solomax >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> WBR >>>>>> Maxim aka solomax >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> WBR >>>>> Maxim aka solomax >>>>> >>>> >>>> >>>> >>>> -- >>>> Daniel Ascher, M.Ed. >>>> President >>>> A+ Test Prep and Tutoring >>>> "Creating Bright Futures" >>>> >>>> 505 York Road, Suite 6 >>>> <https://maps.google.com/?q=505+York+Road,+Suite+6+Jenkintown,+PA+19046+Office:%C2%A0+215&entry=gmail&source=g> >>>> Jenkintown, PA 19046 >>>> <https://maps.google.com/?q=505+York+Road,+Suite+6+Jenkintown,+PA+19046+Office:%C2%A0+215&entry=gmail&source=g> >>>> Office: >>>> <https://maps.google.com/?q=505+York+Road,+Suite+6+Jenkintown,+PA+19046+Office:%C2%A0+215&entry=gmail&source=g> >>>> 215 >>>> <https://maps.google.com/?q=505+York+Road,+Suite+6+Jenkintown,+PA+19046+Office:%C2%A0+215&entry=gmail&source=g> >>>> .886.9188 >>>> Direct: 267.242.9640 >>>> Sign Up for A+ News and Test Prep Tips! >>>> <http://www.aplustutoring.com/sign-up-for-a-news> >>>> www.aplustutoring.com >>>> >>> >>> >>> >>> -- >>> WBR >>> Maxim aka solomax >>> >> >> >> >> -- >> Daniel Ascher, M.Ed. >> President >> A+ Test Prep and Tutoring >> "Creating Bright Futures" >> >> 505 York Road, Suite 6 >> <https://maps.google.com/?q=505+York+Road,+Suite+6+Jenkintown,+PA+19046+Office:%C2%A0+215&entry=gmail&source=g> >> Jenkintown, PA 19046 >> <https://maps.google.com/?q=505+York+Road,+Suite+6+Jenkintown,+PA+19046+Office:%C2%A0+215&entry=gmail&source=g> >> Office: >> <https://maps.google.com/?q=505+York+Road,+Suite+6+Jenkintown,+PA+19046+Office:%C2%A0+215&entry=gmail&source=g> >> 215 >> <https://maps.google.com/?q=505+York+Road,+Suite+6+Jenkintown,+PA+19046+Office:%C2%A0+215&entry=gmail&source=g> >> .886.9188 >> Direct: 267.242.9640 >> Sign Up for A+ News and Test Prep Tips! >> <http://www.aplustutoring.com/sign-up-for-a-news> >> www.aplustutoring.com >> > > > > -- > WBR > Maxim aka solomax > -- Daniel Ascher, M.Ed. President A+ Test Prep and Tutoring "Creating Bright Futures" 505 York Road, Suite 6 Jenkintown, PA 19046 Office: 215.886.9188 Direct: 267.242.9640 Sign Up for A+ News and Test Prep Tips! <http://www.aplustutoring.com/sign-up-for-a-news> www.aplustutoring.com
