Standardize user account deletion and enable admin to delete user ultimately

[mariobehling]

Currently a user can be deleted or delete an account themselves. The idea was that after a grace period the account gets deleted finally. It should also be possible for admins to ultimately delete accounts that are marked for deletion in the user list admin area. Therefore implement the following:

• In admin section https://eventyay.com/admin/users/deleted separate the function into "processing deletion" and "deleted accounts"
  • processing deletion are accounts that have initialized the deletion themselves (previously deleted accounts)
• When a user deletes their account, send a message a) to the user and b) to the system admin account in BCC as further below
• When a user deletes their account log the user out and disable any login or password reset functionality for this account. Show the message "User does not exist."
  • In the Admin UI show the account as "processing deletion" and
    • automatically "Confirm Deletion" after 30 days
    • also show a button "Confirm Deletion" to the admin - which deletes the account entirely according to following points before the 30 days period
  • After accounts have been confirmed as deleted by the admin:
    • purge any user data such as emails
    • keep the invoices as required by law
    • unlink accounts from any events as organizers
    • unlink accounts and email of speakers from any events (but keep the data as this data is "owned" by event organizers)
    • rename the account as "deleted account 00001" etc.
    • show them in the tab "deleted account"
• After the email is entirely deleted, it should be possible to re-register with the same email. In this case ensure no previous data should be accessible with that email

Account Deletion Email

• Subject: Your account on eventyay.com is being deleted
• Content:

Hello,

you have initialized the deletion of your account on eventyay.com. You will not be able register again with this email address for 30 days.

Your account is now in the process of deletion. This means that all your account data including data related to your tickets, sessions and events is being purged.

A few more details:

• Tickets you have bought will now be invalid. Your tickets will be marked as "Deleted Account" in the event organizers data sheets.
• If you have been an organizer of events you will be automatically withdrawn from these events and you will be no longer a team member.
• If you have been a speaker at events and you have not deleted your data prior to the account deletion, your email will now be unlinked and any remaining data is now only editable by organizers of the event. If you want any event data to be changed or deleted you need to contact organizers directly.
• For paid invoices we will only keep data within the period and as required by law. After this period any invoice data will be deleted.

We hope you enjoyed using eventyay.com!

Thank you,

eventyay.com

[DawnArchi01]

@mariobehling
Can you assign me with the task ?

[github-actions]

We don't assign issues to external contributors. Please comment that you're working on the issue after checking that no one else is, and then send a pull request for it. Thank You!