[Discovery] EU-DSGVO: Check for personal user data in chat

[Gargamil]

User Story

As a:

Developer

I want:

check, if personal user data are stored in chat

so that:

EU-DSGVO Export / Delete can be adjusted #805

Acceptance criteria:

• [ ]

Additional info:

Estimate:

4h

[Gargamil]

The Message model contains a field author (see below) whereby the user and his message (as personal data) can be identified.
So: To enforce DSGVO strictly, these data have to be exported / deleted, if the user wants to.
BUT. If these messages were deleted, the chat-context of these will be damaged

author: {
      type: mongoose.Schema.Types.ObjectId,
      required: true,
      ref: 'User'
    }

To be discussed: Whether to delete the chat data (and corrupt the associated chats) or leave the data and delete the author-id.

Furthermore, regarding export: Export the whole chats (with messages from other users) OR only export the affected messages from a specific user.

Group decision (Call 22.10.18): Only export messages of the corresponding user. Delete: to be discussed on meeting and with @utetrapp