Setting Up User Retirement in the LMS

dancasey · December 16, 2020, 5:09pm

Can someone confirm my method for enabling user retirement using the Delete Account button on the user account page?
What is the default cool off period?
How do you set the cool_off_days variable or skip the pending period?

I have tried to follow the OpenEdx Docs and apply it to using a tutor plugin.

I have created and enabled a plugin for setting the RETIREMENT_STATES (neither Discussion or Notes is enabled):

name: enable-account-retirement
version: 0.1.0
patches:
 lms-env: |
  "RETIREMENT_STATES": [
    "PENDING",
    "LOCKING_ACCOUNT",
    "LOCKING_COMPLETE",
    "RETIRING_ENROLLMENTS",
    "ENROLLMENTS_COMPLETE",
    "RETIRING_LMS",
    "LMS_COMPLETE",
    "ERRORED",
    "ABORTED",
    "COMPLETE"]
 lms-env-features: |
  "ENABLE_ACCOUNT_DELETION": true

And then populated the retirement states:
tutor local exec lms ./manage.py lms --settings=tutor.production populate_retirement_states

On pressing the Delete Account button the user is presented with a dialog box and receiving confirming they have been queued for retiring. And I can see the pending status at /admin/user_api/userretirementstatus/.

And /admin/user_api/retirementstate/ is configured as below.

I presume that there is a default “cool_off_days” period that needs to be past before the process moves into the “LOCKING_ACCOUNT” state.

I would like to confirm that the process is working without having to wait the cool off period.

I am currently testing locally using tutor, version 10.2.0

Thanks

dancasey · January 5, 2021, 12:03pm

After following the docs more tentatively (and paying more attention to the bits I didn’t understand rather than ignore them), I’ll answer my own questions.
The Tubular retirement scripts are required for retiring users.
The cool off period is set by the get_learners_to_retire.py script.
The Tubular repo can be installed and run from the Tutor host.
The scripts can be scheduled as cron jobs.

Take note of client_id and client_secret for retirement_service_worker created with

tutor local exec lms ./manage.py lms --settings=tutor.production create_dot_application retirement retirement_service_worker

Clone and install the tubular repo as per documentation

 git clone https://github.com/edx/tubular.git 
 cd tubular 
 mkdir learners_to_retire 
 python -m venv venv 
 source venv/bin/activate 
 pip install -r requirements.txt

Create the config file. Note in the docs there is a trailing backslash on the urls that caused errors for me.

client_id: <client ID for the retirement service user>
client_secret: <client secret for the retirement service user>  

base_urls: 
    lms: http://local.overhang.io 

retirement_pipeline: 
    - ['RETIRING_ENROLLMENTS', 'ENROLLMENTS_COMPLETE', 'LMS', 'retirement_unenroll'] 
    - ['RETIRING_LMS', 'LMS_COMPLETE', 'LMS', 'retirement_lms_retire']

The following Bash script can be run as a cronjob to schedule the Tubular retirement scripts, instead of the jenkins jobs in the documentation

    tubularDir=<path to your tubular directory>
    $tubularDir/venv/bin/python $tubularDir/scripts/get_learners_to_retire.py --config_file=$tubularDir/config.yml --output_dir=$tubularDir/learners_to_retire --cool_off_days=5 
    for filename in $tubularDir/learners_to_retire/*;do 
        if test ! -f "$filename";then 
            echo "No users to retire" continue 
        else 
            IFS="=" read name username <$filename 
            echo "Retiring $username" 
            $tubularDir/venv/bin/python $tubularDir/scripts/retire_one_learner.py --config_file=$tubularDir/config.yml --username=$username 
        fi 
    done

Note: When a user is retired they can not register using the same email address. Admin can create a new user, using the same email address but when you try to delete the user again the deletion fails as the hash of the email is already recorded as retired.
Note: On retirement completion the users original email and username is recorded in /admin/user_api/userretirementstatus/. I am not sure how this works with GDPR compliance and must check if this satisfies our GDPR legal people.
This is also an insightful post on Issues with Account self-deletion feature

Hopefully this helps others.