Issue summary

When using the log_entity_operations_entity submodule, a separate entity is created on every log. If the diff is enabled, this entity may contain user identifying data, such as a changed name, address, phone number etc.

In order to comply with current regulations, an admin must have the possibility to delete certain logs. He can currently only delete the entire log stack, but you might want to keep the unrelated information and only delete one certain log which contains user identifying data.

Proposed resolution

On every log entry in the Entity Log View, there should be a possibility to delete them (link or icon). A new permission should be introduced to explicitly allow an user role to delete log entries. Keep in mind that every evidence purpose is negated if the role that should be tracked, can delete logs.

Comments

fmueller_previon created an issue. See original summary.

  • fmueller_previon committed 0907ea2 on 8.x-1.x 
    Issue #3088819: GDPR Compliance: Add Log Entity deletion functionality
florianmuellerCH’s picture

florianmuellerCH
Primary language German
Location Aarau, Switzerland
CreditAttribution: florianmuellerCH commented
Status: Active » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.