Account deletion (#3728)

* Add form for account deletion * If avatar or header are gone from source, remove them * Add option to have SuspendAccountService remove user record, add tests * Exclude suspended accounts from search
8 years ago · 4a618908e8
parent a208e7d655
commit 4a618908e8
15 changed files with 183 additions and 7 deletions
--- a/app/controllers/settings/deletes_controller.rb
+++ b/app/controllers/settings/deletes_controller.rb
@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+class Settings::DeletesController < ApplicationController
+  layout 'admin'
+
+  before_action :authenticate_user!
+
+  def show
+    @confirmation = Form::DeleteConfirmation.new
+  end
+
+  def destroy
+    if current_user.valid_password?(delete_params[:password])
+      Admin::SuspensionWorker.perform_async(current_user.account_id, true)
+      sign_out
+      redirect_to new_user_session_path, notice: I18n.t('deletes.success_msg')
+    else
+      redirect_to settings_delete_path, alert: I18n.t('deletes.bad_password_msg')
+    end
+  end
+
+  private
+
+  def delete_params
+    params.permit(:password)
+  end
+end
--- a/app/javascript/styles/admin.scss
+++ b/app/javascript/styles/admin.scss
@ -96,6 +96,13 @@
      margin-bottom: 40px;
    }

+    h6 {
+      font-size: 16px;
+      color: $ui-primary-color;
+      line-height: 28px;
+      font-weight: 400;
+    }
+
    & > p {
      font-size: 14px;
      line-height: 18px;
@ -114,6 +121,14 @@
      background: transparent;
      border-bottom: 1px solid $ui-base-color;
    }
+
+    .muted-hint {
+      color: lighten($ui-base-color, 27%);
+
+      a {
+        color: $ui-primary-color;
+      }
+    }
  }

  .simple_form {
--- a/app/javascript/styles/forms.scss
+++ b/app/javascript/styles/forms.scss
@ -303,7 +303,10 @@ code {
      font-weight: 500;
    }
  }
+}

+.simple_form,
+.table-form {
  .warning {
    max-width: 400px;
    box-sizing: border-box;
--- a/app/models/account.rb
+++ b/app/models/account.rb
@ -177,6 +177,7 @@ class Account < ApplicationRecord
          account_id IN (SELECT * FROM first_degree)
          AND target_account_id NOT IN (SELECT * FROM first_degree)
          AND target_account_id NOT IN (:excluded_account_ids)
+          AND accounts.suspended = false
        GROUP BY target_account_id, accounts.id
        ORDER BY count(account_id) DESC
        OFFSET :offset
@ -199,6 +200,7 @@ class Account < ApplicationRecord
          ts_rank_cd(#{textsearch}, #{query}, 32) AS rank
        FROM accounts
        WHERE #{query} @@ #{textsearch}
+          AND accounts.suspended = false
        ORDER BY rank DESC
        LIMIT ?
      SQL
@ -216,6 +218,7 @@ class Account < ApplicationRecord
        FROM accounts
        LEFT OUTER JOIN follows AS f ON (accounts.id = f.account_id AND f.target_account_id = ?) OR (accounts.id = f.target_account_id AND f.account_id = ?)
        WHERE #{query} @@ #{textsearch}
+          AND accounts.suspended = false
        GROUP BY accounts.id
        ORDER BY rank DESC
        LIMIT ?
--- a/app/models/form/delete_confirmation.rb
+++ b/app/models/form/delete_confirmation.rb
@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class Form::DeleteConfirmation
+  include ActiveModel::Model
+
+  attr_accessor :password
+end
--- a/app/services/suspend_account_service.rb
+++ b/app/services/suspend_account_service.rb
@ -1,9 +1,10 @@
 # frozen_string_literal: true

 class SuspendAccountService < BaseService
-  def call(account)
+  def call(account, remove_user = false)
    @account = account

+    purge_user if remove_user
    purge_content
    purge_profile
    unsubscribe_push_subscribers
@ -11,6 +12,10 @@ class SuspendAccountService < BaseService

  private

+  def purge_user
+    @account.user.destroy
+  end
+
  def purge_content
    @account.statuses.reorder(nil).find_each do |status|
      # This federates out deletes to previous followers
--- a/app/services/update_remote_profile_service.rb
+++ b/app/services/update_remote_profile_service.rb
@ -27,8 +27,19 @@ class UpdateRemoteProfileService < BaseService
    account.locked       = remote_profile.locked?

    if !account.suspended? && !DomainBlock.find_by(domain: account.domain)&.reject_media?
-      account.avatar_remote_url = remote_profile.avatar if remote_profile.avatar.present?
-      account.header_remote_url = remote_profile.header if remote_profile.header.present?
+      if remote_profile.avatar.present?
+        account.avatar_remote_url = remote_profile.avatar
+      else
+        account.avatar_remote_url = ''
+        account.avatar.destroy
+      end
+
+      if remote_profile.header.present?
+        account.header_remote_url = remote_profile.header
+      else
+        account.header_remote_url = ''
+        account.header.destroy
+      end
    end
  end
 end
--- a/app/views/auth/registrations/edit.html.haml
+++ b/app/views/auth/registrations/edit.html.haml
@ -11,3 +11,8 @@

  .actions
    = f.button :button, t('generic.save_changes'), type: :submit
+
+%hr/
+
+%h6= t('auth.delete_account')
+%p.muted-hint= t('auth.delete_account_html', path: settings_delete_path)
--- a/app/views/settings/deletes/show.html.haml
+++ b/app/views/settings/deletes/show.html.haml
@ -0,0 +1,16 @@
+- content_for :page_title do
+  = t('settings.delete')
+
+= simple_form_for @confirmation, url: settings_delete_path, method: :delete do |f|
+  .warning
+    %strong
+      = fa_icon('warning')
+      = t('deletes.warning_title')
+    = t('deletes.warning_html')
+
+  %p.hint= t('deletes.description_html')
+
+  = f.input :password, autocomplete: 'off', placeholder: t('simple_form.labels.defaults.current_password'), input_html: { 'aria-label' => t('simple_form.labels.defaults.current_password') }, hint: t('deletes.confirm_password')
+
+  .actions
+    = f.button :button, t('deletes.proceed'), type: :submit, class: 'negative'
--- a/app/workers/admin/suspension_worker.rb
+++ b/app/workers/admin/suspension_worker.rb
@ -5,7 +5,7 @@ class Admin::SuspensionWorker

  sidekiq_options queue: 'pull'

-  def perform(account_id)
-    SuspendAccountService.new.call(Account.find(account_id))
+  def perform(account_id, remove_user = false)
+    SuspendAccountService.new.call(Account.find(account_id), remove_user)
  end
 end
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -201,6 +201,8 @@ en:
    invalid_url: The provided URL is invalid
  auth:
    change_password: Credentials
+    delete_account: Delete account
+    delete_account_html: If you wish to delete your account, you can <a href="%{path}">proceed here</a>. You will be asked for confirmation.
    didnt_get_confirmation: Didn't receive confirmation instructions?
    forgot_password: Forgot your password?
    login: Log in
@ -228,6 +230,14 @@ en:
      x_minutes: "%{count}m"
      x_months: "%{count}mo"
      x_seconds: "%{count}s"
+  deletes:
+    bad_password_msg: Nice try, hackers! Incorrect password
+    confirm_password: Enter your current password to verify your identity
+    description_html: This will <strong>permanently, irreversibly</strong> remove content from your account and deactivate it. Your username will remain reserved to prevent future impersonations.
+    proceed: Delete account
+    success_msg: Your account was successfully deleted
+    warning_html: Only deletion of content from this particular instance is guaranteed. Content that has been widely shared is likely to leave traces. Offline servers and servers that have unsubscribed from your updates will not update their databases.
+    warning_title: Disseminated content availability
  errors:
    '403': You don't have permission to view this page.
    '404': The page you were looking for doesn't exist.
@ -313,6 +323,7 @@ en:
  settings:
    authorized_apps: Authorized apps
    back: Back to Mastodon
+    delete: Account deletion
    edit_profile: Edit profile
    export: Data export
    followers: Authorized followers
--- a/config/locales/simple_form.ru.yml
+++ b/config/locales/simple_form.ru.yml
@ -41,8 +41,8 @@ ru:
        password: Пароль
        setting_auto_play_gif: Автоматически проигрывать анимированные GIF
        setting_boost_modal: Показывать диалог подтверждения перед продвижением
-        setting_delete_modal: Показывать диалог подтверждения перед удалением
        setting_default_privacy: Видимость постов
+        setting_delete_modal: Показывать диалог подтверждения перед удалением
        severity: Строгость
        type: Тип импорта
        username: Имя пользователя
--- a/config/navigation.rb
+++ b/config/navigation.rb
@ -7,7 +7,7 @@ SimpleNavigation::Configuration.run do |navigation|
    primary.item :settings, safe_join([fa_icon('cog fw'), t('settings.settings')]), settings_profile_url do |settings|
      settings.item :profile, safe_join([fa_icon('user fw'), t('settings.edit_profile')]), settings_profile_url
      settings.item :preferences, safe_join([fa_icon('sliders fw'), t('settings.preferences')]), settings_preferences_url
-      settings.item :password, safe_join([fa_icon('cog fw'), t('auth.change_password')]), edit_user_registration_url
+      settings.item :password, safe_join([fa_icon('cog fw'), t('auth.change_password')]), edit_user_registration_url, highlights_on: %r{/auth/edit|/settings/delete}
      settings.item :two_factor_authentication, safe_join([fa_icon('mobile fw'), t('settings.two_factor_authentication')]), settings_two_factor_authentication_url, highlights_on: %r{/settings/two_factor_authentication}
      settings.item :import, safe_join([fa_icon('cloud-upload fw'), t('settings.import')]), settings_import_url
      settings.item :export, safe_join([fa_icon('cloud-download fw'), t('settings.export')]), settings_export_url
--- a/config/routes.rb
+++ b/config/routes.rb
@ -66,6 +66,7 @@ Rails.application.routes.draw do
    end

    resource :follower_domains, only: [:show, :update]
+    resource :delete, only: [:show, :destroy]
  end

  resources :media, only: [:show]
--- a/spec/controllers/settings/deletes_controller_spec.rb
+++ b/spec/controllers/settings/deletes_controller_spec.rb
@ -0,0 +1,72 @@
+require 'rails_helper'
+
+describe Settings::DeletesController do
+  render_views
+
+  describe 'GET #show' do
+    context 'when signed in' do
+      let(:user) { Fabricate(:user) }
+
+      before do
+        sign_in user, scope: :user
+      end
+
+      it 'renders confirmation page' do
+        get :show
+        expect(response).to have_http_status(:success)
+      end
+    end
+
+    context 'when not signed in' do
+      it 'redirects' do
+        get :show
+        expect(response).to redirect_to '/auth/sign_in'
+      end
+    end
+  end
+
+  describe 'DELETE #destroy' do
+    context 'when signed in' do
+      let(:user) { Fabricate(:user, password: 'petsmoldoggos') }
+
+      before do
+        sign_in user, scope: :user
+      end
+
+      context 'with correct password' do
+        before do
+          delete :destroy, params: { password: 'petsmoldoggos' }
+        end
+
+        it 'redirects to sign in page' do
+          expect(response).to redirect_to '/auth/sign_in'
+        end
+
+        it 'removes user record' do
+          expect(User.find_by(id: user.id)).to be_nil
+        end
+
+        it 'marks account as suspended' do
+          expect(user.account.reload).to be_suspended
+        end
+      end
+
+      context 'with incorrect password' do
+        before do
+          delete :destroy, params: { password: 'blaze420' }
+        end
+
+        it 'redirects back to confirmation page' do
+          expect(response).to redirect_to settings_delete_path
+        end
+      end
+    end
+
+    context 'when not signed in' do
+      it 'redirects' do
+        delete :destroy
+        expect(response).to redirect_to '/auth/sign_in'
+      end
+    end
+  end
+end