-rw-r--r--CHANGELOG.md1
-rw-r--r--perllib/FixMyStreet/App/Controller/Admin.pm24
-rw-r--r--t/app/controller/admin/users.t16
-rw-r--r--templates/web/base/admin/user-form.html1
4 files changed, 42 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index c2efc0ddd..16474e59f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -19,6 +19,7 @@
- Admin improvements:
- Admin can anonymize/hide all a user's reports. #1942 #1943
- Admin can log a user out. #1975
+ - Admin can remove a user's account details. #1944
- UK:
- Lazy load images in the footer.
diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm
index c2470e325..85b6204fc 100644
--- a/perllib/FixMyStreet/App/Controller/Admin.pm
+++ b/perllib/FixMyStreet/App/Controller/Admin.pm
@@ -1429,6 +1429,8 @@ sub user_edit : Path('user_edit') : Args(1) {
$c->forward('user_anon_everywhere', [ $user ]);
} elsif ( $c->get_param('submit') and $c->get_param('hide_everywhere') ) {
$c->forward('user_hide_everywhere', [ $user ]);
+ } elsif ( $c->get_param('submit') and $c->get_param('remove_account') ) {
+ $c->forward('user_remove_account', [ $user ]);
} elsif ( $c->get_param('submit') ) {
my $edited = 0;
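Review bot: The new `remove_account` branch is the only irreversible action in this chain, yet in the visible lines it is gated exactly like the reversible ones, on `submit` plus the button name. Whether `user_edit` checks a permission or a request token before reaching this point cannot be seen here, because the function starts and continues outside the hunk; an account wipe arguably deserves a stricter permission than ordinary editing, and a guard against an admin targeting their own account. The matching button added in `templates/web/base/admin/user-form.html` submits straight away with no confirmation step. At minimum the branch should carry a comment such as `# Irreversible: scrubs personal data, see user_remove_account`.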
@@ -1788,6 +1790,28 @@ sub user_hide_everywhere : Private {
$c->stash->{status_message} = _('That user’s reports and updates have been hidden.');
}
+# Anonymize and remove name from all problems/updates, disable all alerts.
+# Remove their account's email address, phone number, password, etc.
+sub user_remove_account : Private {
+ my ( $self, $c, $user ) = @_;
+ $c->forward('user_logout_everywhere', [ $user ]);
+ $user->problems->update({ anonymous => 1, name => '', send_questionnaire => 0 });
+ $user->comments->update({ anonymous => 1, name => '' });
+ $user->alerts->update({ whendisabled => \'current_timestamp' });
+ $user->password('', 1);
+ $user->update({
+ email => 'removed-' . $user->id . '@' . FixMyStreet->config('EMAIL_DOMAIN'),
+ email_verified => 0,
+ name => '',
+ phone => '',
+ phone_verified => 0,
+ title => undef,
+ twitter_id => undef,
+ facebook_id => undef,
+ });
+ $c->stash->{status_message} = _('That user’s personal details have been removed.');
+}
+
sub unban_user : Private {
my ( $self, $c, $user ) = @_;
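Review bot: `user_remove_account` issues its writes (problems, comments, alerts, password, user row) with no transaction around them, so a failure partway through, for example at `$user->update`, leaves reports anonymised while the e-mail, phone and social IDs remain on the account. Wrapping the statements from `$user->problems->update` through `$user->update` in `$user->result_source->schema->txn_do(sub { ... });` would make the scrub all-or-nothing. The update list does not touch any staff role or permission fields the user row may carry, and nothing in the visible lines records which admin performed the removal; both are worth confirming against the schema and the admin log. The placeholder address is on `EMAIL_DOMAIN`, so if that domain delivers mail for arbitrary local parts, sign-in or alert e-mail for a removed account could still reach a mailbox. `$user->password('', 1)` would also benefit from a comment saying what the second argument means and that an empty stored value cannot be used to sign in.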
diff --git a/t/app/controller/admin/users.t b/t/app/controller/admin/users.t
index 187652b3c..63295e26d 100644
--- a/t/app/controller/admin/users.t
+++ b/t/app/controller/admin/users.t
@@ -420,4 +420,20 @@ subtest "Logging user out" => sub {
$mech2->not_logged_in_ok;
};
+subtest "Removing account from admin" => sub {
+ $mech->create_problems_for_body(4, 2237, 'Title');
+ my $count_p = FixMyStreet::DB->resultset('Problem')->search({ user_id => $user->id })->count;
+ my $count_u = FixMyStreet::DB->resultset('Comment')->search({ user_id => $user->id })->count;
+ $mech->get_ok( '/admin/user_edit/' . $user->id );
+ $mech->submit_form_ok({ button => 'remove_account' }, 'Removing account');
+ my $c = FixMyStreet::DB->resultset('Problem')->search({ user_id => $user->id, anonymous => 1, name => '' })->count;
+ is $c, $count_p, 'All reports anon/nameless';
+ $c = FixMyStreet::DB->resultset('Comment')->search({ user_id => $user->id, anonymous => 1, name => '' })->count;
+ is $c, $count_u, 'All updates anon/nameless';
+ $user->discard_changes;
+ is $user->name, '', 'Name gone';
+ is $user->password, '', 'Password gone';
+ is $user->email, 'removed-' . $user->id . '@example.org', 'Email gone'
+};
+
done_testing();
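Review bot: The subtest asserts only name, password and email, so a regression that stops clearing `phone`, `twitter_id`, `facebook_id` or the verified flags would pass unnoticed; add checks such as `is $user->phone, '', 'Phone gone';` and `is $user->facebook_id, undef, 'Facebook ID gone';`. No comments are created in the visible lines, so `$count_u` may be 0, in which case the 'All updates anon/nameless' assertion is vacuous. Alerts being disabled and the user's sessions being ended are not checked either. The final `is` has no trailing semicolon, which is valid for the last statement in a block but easy to trip over when assertions are appended.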
diff --git a/templates/web/base/admin/user-form.html b/templates/web/base/admin/user-form.html
index ca0a3c496..9dc14c98d 100644
--- a/templates/web/base/admin/user-form.html
+++ b/templates/web/base/admin/user-form.html
@@ -203,6 +203,7 @@
<li><input class="btn-danger" type="submit" name="logout_everywhere" value="[% loc('Log out of all sessions') %]">
<li><input class="btn-danger" type="submit" name="anon_everywhere" value="[% loc('Make anonymous on all reports and updates') %]">
<li><input class="btn-danger" type="submit" name="hide_everywhere" value="[% loc('Hide all reports and updates') %]">
+ <li><input class="btn-danger" type="submit" name="remove_account" value="[% loc('Remove account details') %]">
</ul>
[% END %]