GDPR changes for Server - Anonymise Users

Jakob Jónasson May 24, 2019

Hey Community.

 

I am considering the effect of this change on Tempo.
We have about 20 database tables to update when userKeys are changed.

From what I see here:
https://confluence.atlassian.com/adminjira/gdpr-changes-in-jira-968684265.html#GDPRchangesinJira-anonymizing

 

a) I don't see any way of intercepting an event for the update?

b) If there were such an event, would it make sense for one user at a time or all the users?

 

c) My thinking is that if we get all updated user keys in a single event, we can:

1. Store the user key mappings in a temporary table.
2. Update each database table one at a time with a join to that table (~20 SQL updates).
3. Run all the SQL updates in a single database transaction?
4. Delete the updated users key from the temporary table.
5. Create a UI for users to retry a failed update.
6. Notify users somehow if the app is in an unstable state caused by a `not complete update`.

d) Updating one user at a time will be slower we will need 20XUSER_COUNT SQL updates. I am thinking that is not optimal?


e)  Should Jira be locked while this operation is in progress?

 

 

2 comments

Comment

Log in or Sign up to comment
Jakob Jónasson May 24, 2019

I see now this event UserKeyChangedEvent, seems like this will be called per user meaning that we will need to update each user one at a time.

 

We could save this event to a table and update all together but seems suboptimal.

 

Is there any good reason to update only one at a time?

Domenico Manzo _Actonic_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 29, 2020

GDPR is a very important and essential topic. This topic is becoming more and more relevant for companies, but it also involves many and large cost risks if you are not GDPR-compliant!
Actonic has been dealing with the topic GDPR since 2015 and is the only provider worldwide which offers the possibility to become full GDPR compliant!
All relevant information about GDPR including the solutions can be found here:

Be GDPR compliant, Part 1: everything you need to know about getting consent in Jira and Confluence: https://www.actonic.de/en/be-gdpr-compliant-part-1-everything-you-need-to-know-about-getting-consent-in-jira-and-confluence/


Be GDPR compliant, Part 2: ensure the right to erasure, find and anonymize PII in Jira: https://www.actonic.de/en/be-gdpr-compliant-part-2-ensure-the-right-to-erasure-find-and-anonymize-pii-in-jira/

Disclaimer: I work at Actonic, the vendor publishing the aforementioned app. I'm posting this because we want to provide high quality solutions and make them available to people who need them. I hope someone finds our product useful. Thank you.

TAGS
AUG Leaders

Atlassian Community Events