author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-04-15 14:31:54 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-04-15 14:31:54 +0000 |
commit | 28f0c4f131b02ab67bd9c254f9853168ec6a5b65 (patch) | |
tree | feedcef78913a173d5f8776c3f13e0f8990c317b /app/controllers | |
parent | 638583012ae165e5cb197fb3b4d7a0fe54318217 (diff) | |
Adds the ability for users to delete their own account (#10664). Can be disabled in application settings.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9417 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/account_controller.rb | 8 | ||||
-rw-r--r-- | app/controllers/application_controller.rb | 9 | ||||
-rw-r--r-- | app/controllers/my_controller.rb | 18 |
3 files changed, 27 insertions, 8 deletions
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb index 3874d2d89..926e04499 100644 --- a/app/controllers/account_controller.rb +++ b/app/controllers/account_controller.rb @@ -131,14 +131,6 @@ class AccountController < ApplicationController private - def logout_user - if User.current.logged? - cookies.delete :autologin - Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) - self.logged_user = nil - end - end - def authenticate_user if Setting.openid? && using_open_id? open_id_authenticate(params[:openid_url]) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 5ac72cc70..0ecc04fcb 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -126,6 +126,15 @@ class ApplicationController < ActionController::Base end end + # Logs out current user + def logout_user + if User.current.logged? + cookies.delete :autologin + Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) + self.logged_user = nil + end + end + # check if login is globally required to access the application def check_if_login_required # no check needed if user is already logged in diff --git a/app/controllers/my_controller.rb b/app/controllers/my_controller.rb index cdf0182de..b3c975b78 100644 --- a/app/controllers/my_controller.rb +++ b/app/controllers/my_controller.rb @@ -65,6 +65,24 @@ class MyController < ApplicationController end end + # Destroys user's account + def destroy + @user = User.current + unless @user.own_account_deletable? + redirect_to :action => 'account' + return + end + + if request.post? && params[:confirm] + @user.destroy + if @user.destroyed? + logout_user + flash[:notice] = l(:notice_account_deleted) + end + redirect_to home_path + end + end + # Manage user's password def password @user = User.current |
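Review bot: `logout_user` was declared under `private` in AccountController, but the hunk shows no visibility marker above its new position in ApplicationController, just before `check_if_login_required`. If that part of the class is public, every controller inherits a public method that clears the autologin cookie, deletes the autologin tokens and resets the logged user, and depending on the route table Rails may expose public controller methods as actions. I would keep it non-public, for instance by placing it below a `protected` marker or adding `hide_action :logout_user`, and extend the comment to `# Logs out current user: clears the autologin cookie and tokens and resets the session user`. The rest of the class body is outside the hunk, so the effective visibility needs confirming there.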
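Review bot: `destroy` deletes the account on any POST that carries `params[:confirm]`, without asking for the current password, so an unattended or borrowed session is enough to remove the account irreversibly. Requiring re-authentication in the condition, for example `if request.post? && params[:confirm] && @user.check_password?(params[:password])` (assuming the User model exposes such a check), would close that gap; whether CSRF protection applies to this action is decided outside the hunk and should be confirmed. When `@user.destroyed?` is false the action still redirects to `home_path` with no message, so a failed deletion looks like a successful one; an `else` branch setting `flash[:error]` would make it visible. The method comment could also state that a GET, or a POST without `confirm`, only renders the confirmation page.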