GDPR
This page has been created to gather information and share code snippets to help EPrints repositories handle GDPR responsibilities.
Last Login Time
Storing the last login time of a user can be useful to identify which users are active and which are not to help ensure data is not being stored longer than is necessary.
First a new user field for storing the time is required in user_fields.pl
##user_fields.pl
push @{$c->{fields}->{user}},
{
'name' => 'last_login',
'type' => 'timestamp',
},
};
And then add the following code to $c->{check_user_password} in user_login.pl to store the time at which a user successfully logs in.
##user_login.pl
#get user from username
my $user = EPrints::DataObj::User::user_with_username( $repository, $username );
return 0 unless $user;
#get time and compile a string
my( @local ) = localtime( time );
my ( $sec, $min, $hour, $day, $mon, $year ) = ( $local[0], $local[1], $local[2], $local[3], $local[4]+1, $local[5]+1900 );
my $loginTime = "$year-$mon-$day $hour:$min:$sec";
#store the value
$user->set_value( "last_login", $loginTime );
$user->commit();
#return user
return 1;
JLRS: An alternative approach (please discuss which is better) is to set the trigger on the loginticket dataset (different field spec from above - bigint):
push @{$c->{fields}->{user}},
{
name=>"last_login",
type=>"bigint",
required=>0,
volatile=>1
}
;
$c->add_dataset_trigger( 'loginticket', EPrints::Const::EP_TRIGGER_CREATED, sub
{
my( %args ) = @_;
my( $repo, $loginticket ) = @args{qw( repository dataobj )};
# trigger is global - check that current repository 'user' dataset has last_login field to be updated
return unless $repo->get_dataset( "user" )->has_field( "last_login" );
#update volatile field in user record
my $user = EPrints::DataObj::User->new( $repo, $loginticket->get_value( "userid" ) );
if( defined $user ){
$user->set_value( "last_login", $loginticket->get_value( "expires" ) );
$user->commit();
}
}, priority => 100 );
Non-Active Users Report
TODO
Delete User Action
TODO