Account deletion

Fixes #182
This commit is contained in:
Bat 2018-09-09 20:49:24 +01:00
parent a3b7d5557b
commit de3707983a
4 changed files with 36 additions and 2 deletions

View File

@ -123,6 +123,7 @@ fn main() {
routes::user::edit, routes::user::edit,
routes::user::edit_auth, routes::user::edit_auth,
routes::user::update, routes::user::update,
routes::user::delete,
routes::user::follow, routes::user::follow,
routes::user::follow_auth, routes::user::follow_auth,
routes::user::activity_details, routes::user::activity_details,

View File

@ -7,7 +7,7 @@ use atom_syndication::{Entry, FeedBuilder};
use rocket::{ use rocket::{
request::LenientForm, request::LenientForm,
response::{Redirect, Flash, Content}, response::{Redirect, Flash, Content},
http::ContentType http::{ContentType, Cookies}
}; };
use rocket_contrib::Template; use rocket_contrib::Template;
use serde_json; use serde_json;
@ -224,6 +224,21 @@ fn update(_name: String, conn: DbConn, user: User, data: LenientForm<UpdateUserF
Redirect::to(uri!(me)) Redirect::to(uri!(me))
} }
#[get("/@/<name>/delete")]
fn delete(name: String, conn: DbConn, user: User, mut cookies: Cookies) -> Redirect {
let account = User::find_by_fqn(&*conn, name.clone()).unwrap();
if user.id == account.id {
account.delete(&*conn);
let cookie = cookies.get_private(AUTH_COOKIE).unwrap();
cookies.remove_private(cookie);
Redirect::to(uri!(super::instance::index))
} else {
Redirect::to(uri!(edit: name = name))
}
}
#[derive(FromForm, Serialize, Validate)] #[derive(FromForm, Serialize, Validate)]
#[validate(schema(function = "passwords_match", skip_on_field_errors = "false", message = "Passwords are not matching"))] #[validate(schema(function = "passwords_match", skip_on_field_errors = "false", message = "Passwords are not matching"))]
struct NewUserForm { struct NewUserForm {

View File

@ -494,6 +494,16 @@ main .article-meta .tags li a {
color: white; color: white;
} }
.button.destructive {
color: #ef767a;
border-color: #ef767a;
}
.button.destructive:hover {
background: #ef767a99;
color: white;
}
/* Errors */ /* Errors */
p.error { p.error {

View File

@ -8,7 +8,7 @@
<h1>{{ "Your Profile" | _ }}</h1> <h1>{{ "Your Profile" | _ }}</h1>
<form method="post"> <form method="post">
<!-- Rocket hack to use various HTTP methods --> <!-- Rocket hack to use various HTTP methods -->
<input type=hidden name="_method" value="put"> <input type=hidden name="_method" value="put">
<label for="display_name">{{ "Display Name" | _ }}</label> <label for="display_name">{{ "Display Name" | _ }}</label>
<input name="display_name" value="{{ account.display_name }}"> <input name="display_name" value="{{ account.display_name }}">
@ -21,4 +21,12 @@
<input type="submit" value="{{ "Update account" | _ }}"/> <input type="submit" value="{{ "Update account" | _ }}"/>
</form> </form>
<h2>{{ "Danger zone" | _ }}</h2>
<p>{{ "Be very careful, any action taken here can't be cancelled." | _ }}
{% if not account.is_admin %}
<p><a class="inline-block button destructive" href="/@/{{ account.fqn }}/delete">{{ "Delete your account" | _ }}</a></p>
{% else %}
<p>{{ "Sorry, but as an admin, you can't leave your instance." | _ }}</p>
{% endif %}
{% endblock content %} {% endblock content %}