.. _UC23: Use Case 23 - Owner Expunge Content ----------------------------------- .. index:: Use Case 23, UC23, expunge, remove content, take down Revisions View document revision history_. Goal User can find out where all copies of my data are in the system and can expunge them. Summary In some cases it may be desirable for a data owner to remove all their content from the system, however this use case conflicts with the general premise of DataONE to preserve information. A useful compromise *may* be to expunge content that has no known references to it. There may be situations where content removal may be necessary for system or community integrity - for example if content uploaded to the system is determined to contain dangerous content such as viruses, the data owner is discovered to have committed fraud, or the content may be protected and must be removed for legal reasons. In any case, it would seem that a data manager or curator should be involved in such decisions. Actors - Data owner - Data curator - Member Nodes - Coordinating Nodes - Notification system (referrers should be notified of removal) Preconditions - Content exists in the system that must be removed - A decision has been made to remove all / some content Triggers - All triggers for this should be through administrative / curatorial procedures. Post Conditions - The targeted content is no longer present in the DataONE system - Subscribers are be notified of the change .. uml:: @startuml images/23_seq.png actor "User (Data Owner)" as user participant "Client" as app_client << Application >> user -> app_client participant "Authentication API" as c_authenticate << Coordinating Node >> app_client -> c_authenticate: login (user, pw) app_client <-- c_authenticate: token or failure participant "Query API" as c_query << Coordinating Node >> app_client -> c_query: getAllCopies (token, ownerID) participant "Authorization API" as c_authorize << Coordinating Node >> c_query -> c_authorize: isAuth (token, resultset) participant "Verify API" as c_ver << Coordinating Node >> c_authorize -> c_ver: isValidToken (token) c_authorize <-- c_ver: T or F c_query <-- c_authorize: T or F app_client <-- c_query: records or fail participant "CRUD API" as c_crud << Coordinating Node >> app_client -> c_crud: deleteRecords (token, listOfPids) app_client <-- c_crud: ack or fail note right Can the Query API find out where all copies of my data are in the system or should this be handled by another API? end note @enduml *Figure 1.* Interactions for use case 23, User can find out where all copies of my data are in the system and\ncan expunge them **Notes** - Dealing with inappropriate usage of (ie, copyrighted objects that are stored) .. _history: https://redmine.dataone.org/projects/d1/repository/changes/documents/Projects/cicore/architecture/api-documentation/source/design/UseCases/23_uc.txt