request #42976 Clear sensitive information of deleted users

Infos

Artifact ID#42976

Submitted byThomas Gerbet (tgerbet)

Last Modified On2025-05-28 11:43

Submitted on2025-05-09 12:28

Rank44685

Details

Summary *

Clear sensitive information of deleted users

Original Submission

Tuleap should clear the password information of users with a deleted status. Users with a deleted status cannot be moved back to an active status so the password information will never used ever again. It is sensitive information Tuleap should not keep it.

Globally Tuleap should not keep sensitive information like IP addresses once a user is marked as deleted.

CategoryAuthentication & LDAP

Reported in versionEmpty

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toThomas Gerbet (tgerbet)

StatusClosed

Close date2025-05-28

Attachments

AttachmentsEmpty

References

Cross references

Referencing request #42976

Git commit

tuleap/tuleap/stable

feat:request #42976 Clear sensitive information when deleting a user 30724bb807

Thomas Gerbet (tgerbet) , 2025-05-13 16:43

Merge commit 'refs/changes/28/34428/2' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD 0330d93040

Kevin Traini (ktraini) , 2025-05-28 11:42

Show items referenced by request #42976

Referenced by request #42976

Artifact

rel #41834 16.9

Other

gerrit #34428

Follow-ups

Kevin Traini (ktraini)

2025-05-28 11:43

See gerrit #34428

Status changed from Under implementation to Closed
Connected artifacts
- Added Fixed in: rel #41834
Close date set to 2025-05-28

Thomas Gerbet (tgerbet)

2025-05-13 15:52

Summary
-Clear ~~password and access tokens~~ of deleted users
+Clear sensitive information of deleted users
Original Submission

Something went wrong, the follow up content couldn't be loaded

Only formatting have been changed, you should switch to markup to see the changes