author | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-01-31 16:15:44 +0000 |
---|---|---|
committer | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-02-06 16:55:55 +0000 |
commit | d126f95249a0a7b0b0c3289b597a7b89e13a2fbb (patch) | |
tree | 5571921b1bb1c92c97f2cc15dc23155c14314aeb | |
parent | db8898037b67265b18ffac9ef8b6696dc6d33d22 (diff) |
Admin ability to remove user account details.
-rw-r--r-- | CHANGELOG.md | 1 | ||||
-rw-r--r-- | perllib/FixMyStreet/App/Controller/Admin.pm | 24 | ||||
-rw-r--r-- | t/app/controller/admin/users.t | 16 | ||||
-rw-r--r-- | templates/web/base/admin/user-form.html | 1 |
4 files changed, 42 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index c2efc0ddd..16474e59f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ - Admin improvements: - Admin can anonymize/hide all a user's reports. #1942 #1943 - Admin can log a user out. #1975 + - Admin can remove a user's account details. #1944 - UK: - Lazy load images in the footer. diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm index c2470e325..85b6204fc 100644 --- a/perllib/FixMyStreet/App/Controller/Admin.pm +++ b/perllib/FixMyStreet/App/Controller/Admin.pm @@ -1429,6 +1429,8 @@ sub user_edit : Path('user_edit') : Args(1) { $c->forward('user_anon_everywhere', [ $user ]); } elsif ( $c->get_param('submit') and $c->get_param('hide_everywhere') ) { $c->forward('user_hide_everywhere', [ $user ]); + } elsif ( $c->get_param('submit') and $c->get_param('remove_account') ) { + $c->forward('user_remove_account', [ $user ]); } elsif ( $c->get_param('submit') ) { my $edited = 0; 
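Review bot: The new `remove_account` branch in `user_edit` dispatches an irreversible action on nothing more than the `submit` and `remove_account` parameters being present. Any CSRF token check, request-method check or permission test has to happen earlier in `user_edit`, which starts and ends outside this hunk, so confirm this branch can only be reached after them. Because this action destroys account data while its sibling branches only hide or anonymise, consider requiring a stronger permission here than the one that guards ordinary user edits. A comment on the branch such as `# Irreversible: only reached after the token and permission checks above` would record that dependency.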
@@ -1788,6 +1790,28 @@ sub user_hide_everywhere : Private { $c->stash->{status_message} = _('That user’s reports and updates have been hidden.'); } +# Anonymize and remove name from all problems/updates, disable all alerts. +# Remove their account's email address, phone number, password, etc. +sub user_remove_account : Private { + my ( $self, $c, $user ) = @_; + $c->forward('user_logout_everywhere', [ $user ]); + $user->problems->update({ anonymous => 1, name => '', send_questionnaire => 0 }); + $user->comments->update({ anonymous => 1, name => '' }); + $user->alerts->update({ whendisabled => \'current_timestamp' }); + $user->password('', 1); + $user->update({ + email => 'removed-' . $user->id . '@' . FixMyStreet->config('EMAIL_DOMAIN'), + email_verified => 0, + name => '', + phone => '', + phone_verified => 0, + title => undef, + twitter_id => undef, + facebook_id => undef, + }); + $c->stash->{status_message} = _('That user’s personal details have been removed.'); +} + sub unban_user : Private { my ( $self, $c, $user ) = @_; diff --git a/t/app/controller/admin/users.t b/t/app/controller/admin/users.t index 187652b3c..63295e26d 100644 --- a/t/app/controller/admin/users.t +++ b/t/app/controller/admin/users.t 
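Review bot: The three bulk updates and the final `$user->update` in `user_remove_account` run as separate statements, so a failure part-way through leaves an account whose reports are anonymised but whose email, phone and social IDs are still stored; wrapping the body in `$user->result_source->schema->txn_do(sub { ... });` would make the removal all-or-nothing. `$user->password('', 1)` stores an empty string (the test asserts exactly that) and the row stays in place under the predictable address `removed-<id>@EMAIL_DOMAIN`. The login paths are not visible here, so it is worth confirming that they reject an empty stored password and that nobody can receive mail for that address to complete an email sign-in. The update also leaves untouched any staff role or permission columns the user table may have. Nothing in the function records which admin removed which account, so a log entry, or at least a comment saying where that is recorded, would help later audits.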
@@ -420,4 +420,20 @@ subtest "Logging user out" => sub { $mech2->not_logged_in_ok; }; +subtest "Removing account from admin" => sub { + $mech->create_problems_for_body(4, 2237, 'Title'); + my $count_p = FixMyStreet::DB->resultset('Problem')->search({ user_id => $user->id })->count; + my $count_u = FixMyStreet::DB->resultset('Comment')->search({ user_id => $user->id })->count; + $mech->get_ok( '/admin/user_edit/' . $user->id ); + $mech->submit_form_ok({ button => 'remove_account' }, 'Removing account'); + my $c = FixMyStreet::DB->resultset('Problem')->search({ user_id => $user->id, anonymous => 1, name => '' })->count; + is $c, $count_p, 'All reports anon/nameless'; + $c = FixMyStreet::DB->resultset('Comment')->search({ user_id => $user->id, anonymous => 1, name => '' })->count; + is $c, $count_u, 'All updates anon/nameless'; + $user->discard_changes; + is $user->name, '', 'Name gone'; + is $user->password, '', 'Password gone'; + is $user->email, 'removed-' . $user->id . '@example.org', 'Email gone' +}; + done_testing(); diff --git a/templates/web/base/admin/user-form.html b/templates/web/base/admin/user-form.html index ca0a3c496..9dc14c98d 100644 --- a/templates/web/base/admin/user-form.html +++ b/templates/web/base/admin/user-form.html @@ -203,6 +203,7 @@ <li><input class="btn-danger" type="submit" name="logout_everywhere" value="[% loc('Log out of all sessions') %]"> <li><input class="btn-danger" type="submit" name="anon_everywhere" value="[% loc('Make anonymous on all reports and updates') %]"> <li><input class="btn-danger" type="submit" name="hide_everywhere" value="[% loc('Hide all reports and updates') %]"> + <li><input class="btn-danger" type="submit" name="remove_account" value="[% loc('Remove account details') %]"> </ul> [% END %] |
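Review bot: The assertions in "Removing account from admin" cover name, password and email but not the rest of what `user_remove_account` changes. `phone`, `twitter_id`, `facebook_id`, the two verified flags, alert disabling and session logout are never checked, so a regression that leaves those identifiers behind would still pass. Add for example `is $user->phone, '', 'Phone gone';` and `is $user->facebook_id, undef, 'Facebook ID gone';`, plus a count showing the user has no alerts left with `whendisabled` unset. As far as this hunk shows, the form is only submitted by an admin who can already reach it; a case where a user without that right posts `remove_account` and is refused would pin the access check.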