Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-2678

Allow for full deletion of client data

    Details

    • Type: Story
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.2.0
    • Fix Version/s: 4.3.0-b1
    • Component/s: Staff Interface
    • Labels:
      None

      Description

      Under a client profile page there is a delete client option for staff, that requires ACL permissions to access. This option only works if the client has no invoices, services, or transactions, including cancelled or paid invoices.

      This option should be updated to delete all of the client's data, so long as the following conditions are met:

      • No open invoices
      • No recurring invoices
      • No active services

      The action should delete:

      • All invoices belonging to this client
      • All services, including service meta data for this client
      • All transactions for this client
      • All contacts (The primary client contact, and all other types) belonging to this client
      • The client's email logs
      • The client's "Set Packages" for restricted packages.
      • The client's contact update logs
      • The client's authentication logs
      • The client's client settings
      • The client's custom contact fields
      • The client's notes (staff notes for the client)
      • The client's payment accounts (CC & ACH)
      • The client's tickets (If the Support Manager is installed)
      • The client's orders (If the Order Manager is installed)

      Regarding the last item, it may be necessary to add an optional method or event for plugins to delete client specific data.

      Essentially, there should be no record of the client.

      There may be evidence in the module log for services provisioned, if they have not yet been rotated out, but we do not need to touch this. It's up to each company to have a proper rotation policy in place to delete logs that would normally be rotated by Blesta.

      Message should say something about this being permanent, and the staff member must enter their password.
      This should all happen in a transaction via events

        Activity

          People

          • Assignee:
            jonathan Jonathan Reissmueller
            Reporter:
            admin Paul Phillips
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:
              Fix Release Date:
              15/Jun/18

              Time Tracking

              Estimated:
              Original Estimate - Not Specified
              Not Specified
              Remaining:
              Remaining Estimate - 0 minutes
              0m
              Logged:
              Time Spent - 1 week, 25 minutes
              1w 25m

                Agile