jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

users: set is_deleted flag when account is deleted.

Browse Source 
* Set the `is_deleted` flag when the user is deleted.
* Return the `is_deleted` flag in the /users.json API.
This commit is contained in:
evazion
2022-11-06 13:04:05 -06:00
parent 0a78a6188d
commit 6f08e1427b
5 changed files with 20 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/logical/user_deletion.rb
View File

@@ -87,15 +87,11 @@ class UserDeletion
end end
def reset_password def reset_password
user.update!(password: SecureRandom.hex(16)) user.update!(is_deleted: true, password: SecureRandom.hex(16))
end end
def rename def rename
name = "user_#{user.id}" UserNameChangeRequest.create!(user: user, desired_name: "user_#{user.id}", original_name: user.name, is_deletion: true)
name += "~" while User.exists?(name: name)
request = UserNameChangeRequest.new(user: user, desired_name: name, original_name: user.name)
request.save!(validate: false) # XXX don't validate so that the 1 name change per week rule doesn't interfere
end end
def validate_deletion def validate_deletion

1
app/models/user.rb
View File

@@ -88,6 +88,7 @@ class User < ApplicationRecord
attribute :theme, default: :auto attribute :theme, default: :auto
attribute :upload_points, default: Danbooru.config.initial_upload_points.to_i attribute :upload_points, default: Danbooru.config.initial_upload_points.to_i
attribute :bit_prefs, default: 0 attribute :bit_prefs, default: 0
attribute :is_deleted, default: false
has_bit_flags BOOLEAN_ATTRIBUTES, :field => "bit_prefs" has_bit_flags BOOLEAN_ATTRIBUTES, :field => "bit_prefs"
enum theme: { auto: 0, light: 50, dark: 100 }, _suffix: true enum theme: { auto: 0, light: 50, dark: 100 }, _suffix: true

5
app/models/user_name_change_request.rb
View File

@@ -3,11 +3,11 @@
class UserNameChangeRequest < ApplicationRecord class UserNameChangeRequest < ApplicationRecord
belongs_to :user belongs_to :user
attr_accessor :updater attr_accessor :updater, :is_deletion
validate :not_limited, on: :create validate :not_limited, on: :create
validates :original_name, presence: true validates :original_name, presence: true
validates :desired_name, user_name: true, presence: true, on: :create validates :desired_name, presence: true, user_name: true, on: :create, unless: :is_deletion
after_create :update_name! after_create :update_name!
after_create :create_mod_action after_create :create_mod_action
@@ -33,6 +33,7 @@ class UserNameChangeRequest < ApplicationRecord
end end
def not_limited def not_limited
return if is_deletion
return if user.name_invalid? return if user.name_invalid?
return if updater && updater != user return if updater && updater != user

2
app/policies/user_policy.rb
View File

@@ -65,7 +65,7 @@ class UserPolicy < ApplicationPolicy
def api_attributes def api_attributes
attributes = %i[ attributes = %i[
id created_at name inviter_id level level_string id created_at name inviter_id level level_string
post_upload_count post_update_count note_update_count is_banned post_upload_count post_update_count note_update_count is_banned is_deleted
] ]
if record.id == user.id if record.id == user.id

13
test/unit/user_deletion_test.rb
View File

@@ -18,6 +18,7 @@ class UserDeletionTest < ActiveSupport::TestCase
@deletion = UserDeletion.new(user: @user, password: "wrongpassword", request: @request) @deletion = UserDeletion.new(user: @user, password: "wrongpassword", request: @request)
@deletion.delete! @deletion.delete!
assert_includes(@deletion.errors[:base], "Password is incorrect") assert_includes(@deletion.errors[:base], "Password is incorrect")
assert_equal(false, @user.reload.is_deleted)
end end
end end
@@ -27,6 +28,7 @@ class UserDeletionTest < ActiveSupport::TestCase
@deletion = UserDeletion.new(user: @user, password: "password", request: @request) @deletion = UserDeletion.new(user: @user, password: "password", request: @request)
@deletion.delete! @deletion.delete!
assert_includes(@deletion.errors[:base], "Admins cannot delete their account") assert_includes(@deletion.errors[:base], "Admins cannot delete their account")
assert_equal(false, @user.reload.is_deleted)
end end
end end
@@ -36,6 +38,7 @@ class UserDeletionTest < ActiveSupport::TestCase
@deletion = UserDeletion.new(user: @user, password: "password", request: @request) @deletion = UserDeletion.new(user: @user, password: "password", request: @request)
@deletion.delete! @deletion.delete!
assert_includes(@deletion.errors[:base], "You cannot delete your account if you are banned") assert_includes(@deletion.errors[:base], "You cannot delete your account if you are banned")
assert_equal(false, @user.reload.is_deleted)
end end
end end
end end
@@ -64,6 +67,11 @@ class UserDeletionTest < ActiveSupport::TestCase
assert_equal("user_#{@user.id}", @user.reload.name) assert_equal("user_#{@user.id}", @user.reload.name)
end end
should "mark the user as deleted" do
@deletion.delete!
assert_equal(true, @user.reload.is_deleted)
end
should "generate a user name change request" do should "generate a user name change request" do
@deletion.delete! @deletion.delete!
assert_equal(1, @user.user_name_change_requests.count) assert_equal(1, @user.user_name_change_requests.count)
@@ -78,6 +86,7 @@ class UserDeletionTest < ActiveSupport::TestCase
should "generate a modaction" do should "generate a modaction" do
@deletion.delete! @deletion.delete!
assert_match(/deleted user ##{@user.id}/, ModAction.last.description) assert_match(/deleted user ##{@user.id}/, ModAction.last.description)
assert_equal(@user, ModAction.last.subject) assert_equal(@user, ModAction.last.subject)
assert_equal("user_delete", ModAction.last.category) assert_equal("user_delete", ModAction.last.category)
@@ -148,9 +157,12 @@ class UserDeletionTest < ActiveSupport::TestCase
@deletion.delete! @deletion.delete!
assert_equal("user_#{@user.id}", @user.reload.name) assert_equal("user_#{@user.id}", @user.reload.name)
assert_equal(true, @user.is_deleted)
assert_equal("deleted user ##{@user.id}", ModAction.last.description) assert_equal("deleted user ##{@user.id}", ModAction.last.description)
assert_equal(@deletion.deleter, ModAction.last.creator) assert_equal(@deletion.deleter, ModAction.last.creator)
assert_equal(@user, ModAction.last.subject) assert_equal(@user, ModAction.last.subject)
assert_equal(false, ModAction.user_name_change.exists?)
assert_equal(1, ModAction.count)
end end
should "not work for other users" do should "not work for other users" do
@@ -159,6 +171,7 @@ class UserDeletionTest < ActiveSupport::TestCase
@deletion.delete! @deletion.delete!
assert_not_equal("user_#{@user.id}", @user.reload.name) assert_not_equal("user_#{@user.id}", @user.reload.name)
assert_equal(false, @user.is_deleted)
assert_equal(0, ModAction.count) assert_equal(0, ModAction.count)
end end
end end