Fix sympa-community#300 — Allow to delete your own account

Only from web interface for now.
ldidry · Dec 21, 2018 · 15a1e68 · 15a1e68
1 parent 4a844b4
commit 15a1e68
Show file tree

Hide file tree

Showing 3 changed files with 127 additions and 0 deletions.
diff --git a/default/mail_tt2/report.tt2 b/default/mail_tt2/report.tt2
@@ -438,6 +438,9 @@
 [%~ ELSIF report_entry == 'logout' ~%]
   [%|loc%]You have logged out[%END%]
 
+[%~ ELSIF report_entry == 'account_deleted' ~%]
+  [%|loc%]You have been unsubscribed from all your lists and your account has been deleted[%END%]
+
 [%~ END ~%]
 
 [%################~%]
@@ -827,6 +830,9 @@ Warning: this message may already have been sent by one of the list's moderators
 [%~ ELSIF report_entry == 'owner_domain_min' ~%]
   [%|loc(report_param.value,report_param.owner_domain_min,report_param.owner_domain)%]Unable to reduce the number of list owners in required domains to %1. Domains that count toward the minimum requirement of %2: %3[%END%]
 
+[%~ ELSIF report_entry == 'still_owner' ~%]
+  [%|loc(report_param.lists)%]You are the only owner of the following list(s): %1. Please give ownership to other people before deleting your account. You have been unsubscribed from all your lists though.[%END%]
+
 [%~ END ~%]
 
 [%~ END ~%]
diff --git a/default/web_tt2/pref.tt2 b/default/web_tt2/pref.tt2
@@ -70,6 +70,22 @@
 </form>
 [% END %]
 
+<h4>[%|loc%]Deleting your account[%END%]</h4>
+<p>
+  [%|loc%]Deleting your account will unsubscribe you from all your lists, remove your ownership of your lists and permanently delete your account.[%END%]
+  <br />
+  [%|loc%]Please note that you will not be able to delete your account if you are the only owner of one or more list.[%END%]
+</p>
+<form action="[% path_cgi %]" method="post">
+  <fieldset>
+    <label for="password_for_account_deletion">[%|loc%]Enter your password:[%END%]</label>
+    <input type="password" name="passwd" id="password_for_account_deletion" size="25" />
+    <input type="checkbox" name="i_understand_the_consequences" id="i_understand_the_consequences" required><label for="i_understand_the_consequences">[%|loc%]I understand that I will be unsubscribed from all my lists and that my account will be permanently deleted[%END%]</label>
+    <br />
+    <input class="MainMenuLinks" type="submit" name="action_delete_account" value="[%|loc%]Submit[%END%]" />
+  </fieldset>
+</form>
+
 </div>
 
 <!-- end pref.tt2 -->
diff --git a/src/cgi/wwsympa.fcgi.in b/src/cgi/wwsympa.fcgi.in
@@ -333,6 +333,7 @@ our %comm = (
     'create_automatic_list'         => 'do_create_automatic_list',
     'create_automatic_list_request' => 'do_create_automatic_list_request',
     'auth'                          => 'do_auth',
+    'delete_account'                => 'do_delete_account',
 );
 
 my %comm_aliases = (
@@ -568,6 +569,7 @@ our %required_args = (
     'get_pending_lists'    => ['param.user.email'],
     'decl_del'             => ['param.list', 'param.user.email'],
     'decl_add'             => ['param.list', 'param.user.email'],
+    'delete_account'       => ['passwd', 'i_understand_the_consequences'],
     'including_lists'      => ['param.list', 'param.user.email'],
     'info'                 => ['param.list'],
     'install_pending_list' => ['param.user.email'],
@@ -17165,6 +17167,109 @@ sub do_auth {
     return $default_home;
 }
 
+sub do_delete_account {
+    wwslog('info', sprintf('Account deletion: %s asked for its account to be deleted', $param->{'user'}->{'email'}));
+
+    # Show form if HTTP POST method not used.
+    return 1 unless $ENV{'REQUEST_METHOD'} eq 'POST';
+
+    my $email  = Sympa::Tools::Text::canonic_email($param->{'user'}->{'email'});
+    my $passwd = delete $in{'passwd'};                         # Clear it.
+
+    unless ($email) {
+        Sympa::WWW::Report::reject_report_web('user', 'no_email', {},
+            $param->{'action'});
+        wwslog('info', 'No email');
+        web_db_log(
+            {   'parameters'   => $email,
+                'target_email' => $email,
+                'status'       => 'error',
+                'error_type'   => "no_email"
+            }
+        );
+        return 'pref';
+    }
+
+    unless ($passwd) {
+        Sympa::WWW::Report::reject_report_web('user', 'missing_arg',
+            {'argument' => 'passwd'},
+            $param->{'action'});
+        wwslog('info', 'Missing parameter passwd');
+        web_db_log(
+            {   'parameters'   => $email,
+                'target_email' => $email,
+                'status'       => 'error',
+                'error_type'   => "missing_parameter"
+            }
+        );
+        return 'pref';
+    }
+
+    my $data;
+
+    unless ($data = Sympa::WWW::Auth::check_auth($robot, $email, $passwd)) {
+        $log->syslog('notice', 'Authentication failed');
+        web_db_log(
+            {   'parameters'   => $email,
+                'target_email' => $email,
+                'status'       => 'error',
+                'error_type'   => 'authentication'
+            }
+        );
+        return 'pref';
+    }
+
+    $param->{'email'} = $email;
+    $param->{'user'}  = $data->{'user'};
+
+    _set_my_lists_info();
+
+    my @only_owner;
+    for my $list (sort keys %{$param->{'which'}}) {
+        my $l = Sympa::List->new($list, $robot);
+        # Unsubscribe
+        $l->delete_list_member('users' => [$email]) if $param->{'which'}->{$list}->{'is_subscriber'};
+        # Remove from the editors
+        $l->delete_list_admin('editor', $email) if $param->{'which'}->{$list}->{'is_editor'};
+        # Remove from the owners
+        if ($param->{'which'}->{$list}->{'is_owner'}) {
+            my @admins = $l->get_admins('owner');
+            if (scalar(@admins) > 1) {
+                $l->delete_list_admin('owner', $email);
+
+                # Don't let a list without a privileged admin
+                my @privileged_admins = $l->get_admins('privileged_owner');
+                unless (scalar(@privileged_admins)) {
+                    @admins = $l->get_admins('owner');
+                    for my $admin (@admins) {
+                        $l->update_list_admin($admin->{email}, 'owner', {profile => 'privileged'});
+                    }
+                }
+            } else {
+                wwslog('info', sprintf('Account deletion: %s is the only owner of %s. The account will not be deleted.', $email, $list));
+                push @only_owner, $list;
+            }
+        }
+    }
+
+
+    if (@only_owner) {
+        Sympa::WWW::Report::reject_report_web('user', 'still_owner',
+            { lists => join(', ', @only_owner) },
+            $param->{'action'});
+        return 'pref';
+    }
+
+    my $user = Sympa::User->new($email);
+    $user->expire;
+
+    wwslog('info', sprintf('Account deletion: the account of %s has been deleted', $email));
+
+    Sympa::WWW::Report::notice_report_web('account_deleted', {}, $param->{'action'});
+
+    do_logout();
+}
+
 sub prevent_visibility_bypass {
     wwslog('debug2', 'Starting');
     if (defined $list and ref $list eq 'Sympa::List') {