authorJean-Philippe Lang <jp_lang@yahoo.fr>2012-04-15 14:31:54 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2012-04-15 14:31:54 +0000
commit28f0c4f131b02ab67bd9c254f9853168ec6a5b65 (patch)
treefeedcef78913a173d5f8776c3f13e0f8990c317b /app
parent638583012ae165e5cb197fb3b4d7a0fe54318217 (diff)
Adds the ability for users to delete their own account (#10664). Can be disabled in application settings.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9417 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app')
-rw-r--r--app/controllers/account_controller.rb8
-rw-r--r--app/controllers/application_controller.rb9
-rw-r--r--app/controllers/my_controller.rb18
-rw-r--r--app/models/user.rb6
-rw-r--r--app/views/my/_sidebar.html.erb3
-rw-r--r--app/views/my/destroy.html.erb11
-rw-r--r--app/views/settings/_authentication.html.erb2
7 files changed, 49 insertions, 8 deletions
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index 3874d2d89..926e04499 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -131,14 +131,6 @@ class AccountController < ApplicationController
private
- def logout_user
- if User.current.logged?
- cookies.delete :autologin
- Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin'])
- self.logged_user = nil
- end
- end
-
def authenticate_user
if Setting.openid? && using_open_id?
open_id_authenticate(params[:openid_url])
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 5ac72cc70..0ecc04fcb 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -126,6 +126,15 @@ class ApplicationController < ActionController::Base
end
end
+ # Logs out current user
+ def logout_user
+ if User.current.logged?
+ cookies.delete :autologin
+ Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin'])
+ self.logged_user = nil
+ end
+ end
+
# check if login is globally required to access the application
def check_if_login_required
# no check needed if user is already logged in
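Review bot: `logout_user` sat under `private` in AccountController, but this hunk does not show which visibility section of ApplicationController it now lands in; the surrounding context lines carry no `private` or `protected` marker. If this region of the class is public, every controller inherits a state-changing method that may be reachable as an action under a catch-all route. It is worth confirming the visibility and, if needed, moving the method below `private`/`protected` or hiding it explicitly. The comment could also record the intent, e.g. `# Not an action: clears the autologin cookie and tokens, then unsets logged_user`. The class body starts and ends outside the hunk.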
diff --git a/app/controllers/my_controller.rb b/app/controllers/my_controller.rb
index cdf0182de..b3c975b78 100644
--- a/app/controllers/my_controller.rb
+++ b/app/controllers/my_controller.rb
@@ -65,6 +65,24 @@ class MyController < ApplicationController
end
end
+ # Destroys user's account
+ def destroy
+ @user = User.current
+ unless @user.own_account_deletable?
+ redirect_to :action => 'account'
+ return
+ end
+
+ if request.post? && params[:confirm]
+ @user.destroy
+ if @user.destroyed?
+ logout_user
+ flash[:notice] = l(:notice_account_deleted)
+ end
+ redirect_to home_path
+ end
+ end
+
# Manage user's password
def password
@user = User.current
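Review bot: `destroy` permanently deletes the account on any POST that carries a `confirm` parameter, with no re-authentication, so anyone holding a live session (an unattended browser, a stolen session cookie) can remove the account irreversibly. Consider asking for the current password in the same form and gating on it, e.g. `if request.post? && params[:confirm] && @user.check_password?(params[:password])`, with a fallback for accounts that have no local password. Separately, when `@user.destroyed?` is false the action still redirects to `home_path` with no message; setting `flash[:error]` on that path would keep a failed deletion from looking like a successful one.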
diff --git a/app/models/user.rb b/app/models/user.rb
index d1fa2822a..b377dda67 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -482,6 +482,12 @@ class User < Principal
allowed_to?(action, nil, options.reverse_merge(:global => true), &block)
end
+ # Returns true if the user is allowed to delete his own account
+ def own_account_deletable?
+ Setting.unsubscribe? &&
+ (!admin? || User.active.first(:conditions => ["admin = ? AND id <> ?", true, id]).present?)
+ end
+
safe_attributes 'login',
'firstname',
'lastname',
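Review bot: The last-admin guard in `own_account_deletable?` is evaluated by callers before `destroy` rather than as part of the deletion itself. Two admins confirming at about the same time could therefore each see the other as remaining and both be removed, leaving no active admin. Re-checking inside the same transaction as the delete, or in a model-level callback, would narrow that window. The doc comment could also state both conditions, e.g. `# Returns true if self-deletion is enabled (Setting.unsubscribe?) and, for an admin, another active admin exists`. The User class body continues outside the hunk.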
diff --git a/app/views/my/_sidebar.html.erb b/app/views/my/_sidebar.html.erb
index 407fe990f..c89e6f3b4 100644
--- a/app/views/my/_sidebar.html.erb
+++ b/app/views/my/_sidebar.html.erb
@@ -3,6 +3,9 @@
<p><%=l(:field_login)%>: <strong><%= link_to_user(@user, :format => :username) %></strong><br />
<%=l(:field_created_on)%>: <%= format_time(@user.created_on) %></p>
+<% if @user.own_account_deletable? %>
+ <p><%= link_to(l(:button_delete_my_account), {:action => 'destroy'}, :class => 'icon icon-del') %></p>
+<% end %>
<h4><%= l(:label_feeds_access_key) %></h4>
diff --git a/app/views/my/destroy.html.erb b/app/views/my/destroy.html.erb
new file mode 100644
index 000000000..5d6eaa004
--- /dev/null
+++ b/app/views/my/destroy.html.erb
@@ -0,0 +1,11 @@
+<h2><%=l(:label_confirmation)%></h2>
+<div class="warning">
+<p><%= simple_format l(:text_account_destroy_confirmation)%></p>
+<p>
+ <% form_tag({}) do %>
+ <label><%= check_box_tag 'confirm', 1 %> <%= l(:general_text_Yes) %></label>
+ <%= submit_tag l(:button_delete_my_account) %> |
+ <%= link_to l(:button_cancel), :action => 'account' %>
+ <% end %>
+</p>
+</div>
diff --git a/app/views/settings/_authentication.html.erb b/app/views/settings/_authentication.html.erb
index bec373805..14396e274 100644
--- a/app/views/settings/_authentication.html.erb
+++ b/app/views/settings/_authentication.html.erb
@@ -10,6 +10,8 @@
[l(:label_registration_manual_activation), "2"],
[l(:label_registration_automatic_activation), "3"]] %></p>
+<p><%= setting_check_box :unsubscribe %></p>
+
<p><%= setting_text_field :password_min_length, :size => 6 %></p>
<p><%= setting_check_box :lost_password, :label => :label_password_lost %></p>