AEM 6.3 Service Pack 2 Communities exposes APIs out-of-the-box to manage user profiles and bulk manage user generated content (UGC). Once enabled, the UserUgcManagement service allows the privileged users (community administrators and moderators) to disable user profiles, and bulk delete or bulk export UGC for specific users. These APIs also enable controllers and processors of customer data to comply with European Union's General Data Protection Regulations (GDPR) and other GDPR inspired privacy mandates.
To put these APIs to use, you need to enable the /services/social/ugcmanagement endpoint by activating the UserUgcManagement service. To activate this service, install the sample servlet available on GitHub.com. Then, hit the endpoint on publish instance of your communities site with appropriate parameters using an http request, similar to
http://localhost:port/services/social/ugcmanagement?user=<authorizable ID>&operation=<getUgc>. However, you can also build a UI (user interface) to manage user profiles and user generated content in system.
getUserUgc(ResourceResolver resourceResolver, String user, OutputStream outputStream) helps export all the UGC of a user from the system.
- user: authorizable ID of a user.
- outputStream: result is returned as output stream, which is a zip file including the user generated content (as json file) and attachments (which include images or videos uploaded by the user).
For example, to export the UGC of a user named Weston McCall, who uses firstname.lastname@example.org as authorizable ID to log in to communities site, you can send an http GET request similar to the following:
deleteUserUgc(ResourceResolver resourceResolver, String user) helps delete all the UGC for a user from the system.
For example, to delete the UGC of a user having authorizable ID email@example.com through http-POST request, use the following parameters:
Disabling a user deletes all the user generated content that the user has on the server.
For example, to delete the profile of a user having authorizable ID firstname.lastname@example.org through http-POST request, use the following parameters:
deleteUserAccount() API only disables a user profile in the system and removes the UGC. However, to delete a user profile from the system, navigate to CRXDE Lite: http://<server>/crx/de, locate the user node and delete it.