Completely delete user when user request self destruction

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel 2020-10-13 15:07:51 +02:00
parent 19c82c76ba
commit 3c6916360d
No known key found for this signature in database
GPG key ID: A061B9DDE0CA0773
2 changed files with 10 additions and 12 deletions

View file

@ -410,7 +410,7 @@ defmodule Mobilizon.GraphQL.Resolvers.User do
{:moderator_actor, Users.get_actor_for_user(moderator_user)}, {:moderator_actor, Users.get_actor_for_user(moderator_user)},
%User{disabled: false} = user <- Users.get_user(user_id), %User{disabled: false} = user <- Users.get_user(user_id),
{:ok, %User{}} <- {:ok, %User{}} <-
do_delete_account(%User{} = user, Relay.get_actor()) do do_delete_account(%User{} = user, actor_performing: Relay.get_actor()) do
Admin.log_action(moderator_actor, "delete", user) Admin.log_action(moderator_actor, "delete", user)
else else
{:moderator_actor, nil} -> {:moderator_actor, nil} ->
@ -429,11 +429,11 @@ defmodule Mobilizon.GraphQL.Resolvers.User do
{:confirmation_password, Map.get(args, :password)}, {:confirmation_password, Map.get(args, :password)},
{:current_password, {:ok, _}} <- {:current_password, {:ok, _}} <-
{:current_password, Authenticator.authenticate(email, password)} do {:current_password, Authenticator.authenticate(email, password)} do
do_delete_account(user) do_delete_account(user, reserve_email: false)
else else
# If the user hasn't got any password (3rd-party auth) # If the user hasn't got any password (3rd-party auth)
{:user_has_password, false} -> {:user_has_password, false} ->
do_delete_account(user) do_delete_account(user, reserve_email: false)
{:confirmation_password, nil} -> {:confirmation_password, nil} ->
{:error, dgettext("errors", "The password provided is invalid")} {:error, dgettext("errors", "The password provided is invalid")}
@ -447,23 +447,21 @@ defmodule Mobilizon.GraphQL.Resolvers.User do
{:error, dgettext("errors", "You need to be logged-in to delete your account")} {:error, dgettext("errors", "You need to be logged-in to delete your account")}
end end
defp do_delete_account(%User{} = user, actor_performing \\ nil) do @spec do_delete_account(User.t(), Keyword.t()) :: {:ok, User.t()}
defp do_delete_account(%User{} = user, options) do
with actors <- Users.get_actors_for_user(user), with actors <- Users.get_actors_for_user(user),
activated <- not is_nil(user.confirmed_at), activated <- not is_nil(user.confirmed_at),
# Detach actors from user # Detach actors from user
:ok <- :ok <- Enum.each(actors, fn actor -> Actors.update_actor(actor, %{user_id: nil}) end),
if(activated,
do: :ok,
else: Enum.each(actors, fn actor -> Actors.update_actor(actor, %{user_id: nil}) end)
),
# Launch a background job to delete actors # Launch a background job to delete actors
:ok <- :ok <-
Enum.each(actors, fn actor -> Enum.each(actors, fn actor ->
actor_performing = actor_performing || actor actor_performing = Keyword.get(options, :actor_performing, actor)
ActivityPub.delete(actor, actor_performing, true) ActivityPub.delete(actor, actor_performing, true)
end), end),
# Delete user # Delete user
{:ok, user} <- Users.delete_user(user, reserve_email: activated) do {:ok, user} <-
Users.delete_user(user, reserve_email: Keyword.get(options, :reserve_email, activated)) do
{:ok, user} {:ok, user}
end end
end end

View file

@ -1379,7 +1379,7 @@ defmodule Mobilizon.GraphQL.Resolvers.UserTest do
assert MapSet.new([actor1.id, actor2.id]) == MapSet.new([actor1_id, actor2_id]) assert MapSet.new([actor1.id, actor2.id]) == MapSet.new([actor1_id, actor2_id])
assert Users.get_user(user.id).disabled == true assert is_nil(Users.get_user(user.id))
assert %{success: 2, failure: 0} == Oban.drain_queue(queue: :background) assert %{success: 2, failure: 0} == Oban.drain_queue(queue: :background)