Add anonymizing of user applications feature

docs/setup/administrators/anonymizing-submissions.md

@@ -0,0 +1,24 @@
+# Anonymizing Submissions
+
+Hypha offers submission anonymization to allow for less retention of Personally Identifiable Information (PII).
+
+When the configuration option `SUBMISSION_ANONYMIZATION_ENABLED=True`, submissions can be either:
+
+ * Individually anonymized (Submission Detail View → "More Actions" → "Anonymize" button)
+ * Anonymized manually in bulk (Submissions All View → select submissions → "Anonymize" button in actions bar)
+ * Anonymized in bulk via user deletion (Wagtail Admin → "Settings" → "Users" → Select a user → "…" in top action/nav bar → "Delete" → "Anonymize all user submissions")
+ * Anonymized through the management command `python3 manage.py submission_cleanup --submissions [days]` (more info on that [here](cron-jobs.md#submission-cleanup))
+
+When a submission is anonymized, the original submission is deleted and a derivative is created with the following attributes:
+
+ * `value` - applied for value (if it exists on the original submission)
+ * `status` - status of the original submission
+ * `page` - either the fund/lab that the original submission existed on
+ * `round` - round (if any) the original submission was in
+ * `submit_time` - time the original submission was submitted
+ * `screening_status` - screening status of the original submission
+ * `category` - the categories of the original submission
+
+ and if the user that "owns" the submission still exists and isn't being actively deleted:
+
+ * `user` - stores the user that "owned" the original submission. When the user account is deleted, this field is set to null.

docs/setup/administrators/configuration.md

@@ -299,6 +299,12 @@ See [here](machine-translations.md) for more information on setting up machine t
 
 ----
 
+Should submission anonymization be enabled. Allows for both manual anonymization and utilization of cleanup commands to anonymize by time thresholds.
+
+    SUBMISSION_ANONYMIZATION_ENABLED = env.bool("SUBMISSION_ANONYMIZATION_ENABLED", False)
+
+----
+
 ## Slack settings
 
     SLACK_TOKEN = env.str('SLACK_TOKEN', None)

docs/setup/administrators/cron-jobs.md

@@ -10,20 +10,23 @@ Accounts that haven't been logged into in 5 months can be marked as inactive wit
 python3 manage.py accounts_cleanup
 ```
 
-## Drafts cleanup
+## Submission cleanup
 
-Drafts that haven't been modified in a specified time (in days) can be deleted with the following command:
+There are two options for the cleaning up of user submissions
+ * Drafts: **deletes** all drafts outside the specified timeframe. Drafts are never anonymized.
+ * Submissions: by default, anonymizes all submissions that are not drafts outside the specified timeline.
+    * If `--delete` is specified, the submissions will be deleted instead of anonymized.
 
 ```shell
-python3 manage.py drafts_cleanup [days]
+python3 manage.py submission_cleanup --drafts [days] --submissions [days]
 
 # Or, to run without a confirmation prompt
 
-python3 manage.py drafts_cleanup [days] --noinput
+python3 manage.py submission_cleanup --drafts [days] --submissions [days] --noinput
 ```
 
 Example: to delete all drafts that haven't been modified in a year without a confirmation prompt:
 
 ```shell
-python3 manage.py drafts_cleanup 365 --noinput
+python3 manage.py submission_cleanup --drafts [days] 365 --noinput
 ```

hypha/apply/activity/migrations/0092_alter_activity_user_alter_event_by_alter_event_type.py

@@ -0,0 +1,102 @@
+# Generated by Django 5.2.13 on 2026-04-13 18:50
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("activity", "0091_alter_activity_options_and_more"),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="activity",
+            name="user",
+            field=models.ForeignKey(
+                on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL
+            ),
+        ),
+        migrations.AlterField(
+            model_name="event",
+            name="by",
+            field=models.ForeignKey(
+                null=True,
+                on_delete=django.db.models.deletion.CASCADE,
+                to=settings.AUTH_USER_MODEL,
+            ),
+        ),
+        migrations.AlterField(
+            model_name="event",
+            name="type",
+            field=models.CharField(
+                choices=[
+                    ("UPDATE_LEAD", "updated lead"),
+                    ("BATCH_UPDATE_LEAD", "batch updated lead"),
+                    ("EDIT_SUBMISSION", "edited submission"),
+                    ("APPLICANT_EDIT", "edited applicant"),
+                    ("NEW_SUBMISSION", "submitted new submission"),
+                    ("DRAFT_SUBMISSION", "submitted new draft submission"),
+                    ("SCREENING", "screened"),
+                    ("TRANSITION", "transitioned"),
+                    ("BATCH_TRANSITION", "batch transitioned"),
+                    ("DETERMINATION_OUTCOME", "sent determination outcome"),
+                    ("BATCH_DETERMINATION_OUTCOME", "sent batch determination outcome"),
+                    ("INVITED_TO_PROPOSAL", "invited to proposal"),
+                    ("REVIEWERS_UPDATED", "updated reviewers"),
+                    ("BATCH_REVIEWERS_UPDATED", "batch updated reviewers"),
+                    ("READY_FOR_REVIEW", "marked ready for review"),
+                    ("BATCH_READY_FOR_REVIEW", "marked batch ready for review"),
+                    ("NEW_REVIEW", "added new review"),
+                    ("COMMENT", "added comment"),
+                    ("PROPOSAL_SUBMITTED", "submitted proposal"),
+                    ("OPENED_SEALED", "opened sealed submission"),
+                    ("REVIEW_OPINION", "reviewed opinion"),
+                    ("DELETE_SUBMISSION", "deleted submission"),
+                    ("ANONYMIZE_SUBMISSION", "anonymized submission"),
+                    ("DELETE_REVIEW", "deleted review"),
+                    ("DELETE_REVIEW_OPINION", "deleted review opinion"),
+                    ("CREATED_PROJECT", "created project"),
+                    ("UPDATE_PROJECT_LEAD", "updated project lead"),
+                    ("UPDATE_PROJECT_TITLE", "updated project title"),
+                    ("EDIT_REVIEW", "edited review"),
+                    ("SEND_FOR_APPROVAL", "sent for approval"),
+                    ("APPROVE_PROJECT", "approved project"),
+                    ("ASSIGN_PAF_APPROVER", "assign project form approver"),
+                    ("APPROVE_PAF", "approved project form"),
+                    ("PROJECT_TRANSITION", "transitioned project"),
+                    ("REQUEST_PROJECT_CHANGE", "requested project change"),
+                    ("SUBMIT_CONTRACT_DOCUMENTS", "submitted contract documents"),
+                    ("UPLOAD_DOCUMENT", "uploaded document to project"),
+                    ("UPLOAD_CONTRACT", "uploaded contract to project"),
+                    ("APPROVE_CONTRACT", "approved contract"),
+                    ("CREATE_INVOICE", "created invoice for project"),
+                    ("UPDATE_INVOICE_STATUS", "updated invoice status"),
+                    ("APPROVE_INVOICE", "approve invoice"),
+                    ("DELETE_INVOICE", "deleted invoice"),
+                    ("SENT_TO_COMPLIANCE", "sent project to compliance"),
+                    ("UPDATE_INVOICE", "updated invoice"),
+                    ("SUBMIT_REPORT", "submitted report"),
+                    ("SKIPPED_REPORT", "skipped report"),
+                    ("REPORT_FREQUENCY_CHANGED", "changed report frequency"),
+                    ("DISABLED_REPORTING", "disabled reporting"),
+                    ("REPORT_NOTIFY", "notified report"),
+                    ("REVIEW_REMINDER", "reminder to review"),
+                    ("BATCH_DELETE_SUBMISSION", "batch deleted submissions"),
+                    ("BATCH_ANONYMIZE_SUBMISSION", "batch anonymized submissions"),
+                    ("BATCH_ARCHIVE_SUBMISSION", "batch archive submissions"),
+                    ("BATCH_INVOICE_STATUS_UPDATE", "batch update invoice status"),
+                    ("STAFF_ACCOUNT_CREATED", "created new account"),
+                    ("STAFF_ACCOUNT_EDITED", "edited account"),
+                    ("ARCHIVE_SUBMISSION", "archived submission"),
+                    ("UNARCHIVE_SUBMISSION", "unarchived submission"),
+                    ("REMOVE_TASK", "remove task"),
+                    ("INVITE_COAPPLICANT", "invite co-applicant"),
+                ],
+                max_length=50,
+                verbose_name="verb",
+            ),
+        ),
+    ]

hypha/apply/activity/models.py

@@ -190,7 +190,7 @@ def get_absolute_url(self):
 class Activity(models.Model):
     timestamp = models.DateTimeField()
     type = models.CharField(choices=ACTIVITY_TYPES.items(), max_length=30)
-    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.PROTECT)
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
 
     source_content_type = models.ForeignKey(
         ContentType,
@@ -328,7 +328,7 @@ class Event(models.Model):
     when = models.DateTimeField(auto_now_add=True)
     type = models.CharField(_("verb"), choices=MESSAGES.choices, max_length=50)
     by = models.ForeignKey(
-        settings.AUTH_USER_MODEL, on_delete=models.PROTECT, null=True
+        settings.AUTH_USER_MODEL, on_delete=models.CASCADE, null=True
     )
     content_type = models.ForeignKey(
         ContentType, blank=True, null=True, on_delete=models.CASCADE

hypha/apply/activity/options.py

@@ -32,6 +32,7 @@ class MESSAGES(TextChoices):
     OPENED_SEALED = "OPENED_SEALED", _("opened sealed submission")
     REVIEW_OPINION = "REVIEW_OPINION", _("reviewed opinion")
     DELETE_SUBMISSION = "DELETE_SUBMISSION", _("deleted submission")
+    ANONYMIZE_SUBMISSION = "ANONYMIZE_SUBMISSION", _("anonymized submission")
     DELETE_REVIEW = "DELETE_REVIEW", _("deleted review")
     DELETE_REVIEW_OPINION = "DELETE_REVIEW_OPINION", _("deleted review opinion")
     CREATED_PROJECT = "CREATED_PROJECT", _("created project")
@@ -64,6 +65,10 @@ class MESSAGES(TextChoices):
     REPORT_NOTIFY = "REPORT_NOTIFY", _("notified report")
     REVIEW_REMINDER = "REVIEW_REMINDER", _("reminder to review")
     BATCH_DELETE_SUBMISSION = "BATCH_DELETE_SUBMISSION", _("batch deleted submissions")
+    BATCH_ANONYMIZE_SUBMISSION = (
+        "BATCH_ANONYMIZE_SUBMISSION",
+        _("batch anonymized submissions"),
+    )
     BATCH_ARCHIVE_SUBMISSION = (
         "BATCH_ARCHIVE_SUBMISSION",
         _("batch archive submissions"),