1 files changed, 32 insertions, 0 deletions

diff --git a/perllib/FixMyStreet/App/Controller/My.pm b/perllib/FixMyStreet/App/Controller/My.pm
index 0eb1ad3f1..6fee25ec5 100644
--- a/perllib/FixMyStreet/App/Controller/My.pm
+++ b/perllib/FixMyStreet/App/Controller/My.pm
@@ -234,6 +234,38 @@ sub by_shortlisted {
     }
 }
 
+sub anonymize : Path('anonymize') {
+    my ($self, $c) = @_;
+    $c->forward('/auth/get_csrf_token');
+
+    my $object;
+    if (my $id = $c->get_param('problem')) {
+        $c->forward( '/report/load_problem_or_display_error', [ $id ] );
+        $object = $c->stash->{problem};
+    } elsif ($id = $c->get_param('update')) {
+        $c->stash->{update} = $object = $c->model('DB::Comment')->find({ id => $id });
+        $c->detach('/page_error_400_bad_request') unless $object;
+    } else {
+        $c->detach('/page_error_404_not_found');
+    }
+    $c->detach('/page_error_400_bad_request') unless $c->user->id == $object->user_id;
+    $c->detach('/page_error_400_bad_request') if $object->anonymous;
+
+    if ($c->get_param('hide') || $c->get_param('hide_everywhere')) {
+        $c->detach('/page_error_400_bad_request') unless $c->req->method eq 'POST';
+        $c->forward('/auth/check_csrf_token');
+        if ($c->get_param('hide')) {
+            $object->update({ anonymous => 1 });
+            $c->flash->{anonymized} = _('Your name has been hidden.');
+        } elsif ($c->get_param('hide_everywhere')) {
+            $c->user->problems->update({anonymous => 1});
+            $c->user->comments->update({anonymous => 1});
+            $c->flash->{anonymized} = _('Your name has been hidden from all your reports and updates.');
+        }
+        $c->res->redirect($object->url);
+    }
+}
+
 __PACKAGE__->meta->make_immutable;
 
 1;