Users can delete their account #1447
Conversation
Codecov Report
@@ Coverage Diff @@
## master #1447 +/- ##
=========================================
+ Coverage 95.49% 95.5% +<.01%
=========================================
Files 439 441 +2
Lines 7574 7627 +53
=========================================
+ Hits 7233 7284 +51
- Misses 341 343 +2 |
| private | ||
|
|
||
| def destroy_user_account! | ||
| @user.email = "deleted-user-#{SecureRandom.uuid}@example.org" |
There was a problem hiding this comment.
email can be empty when the user is deleted. There's a special index for that (not sure about the model's validation) but I think is way better to deal it this way.
There was a problem hiding this comment.
And erase their name
|
|
||
| private | ||
|
|
||
| def destroy_user_account! |
There was a problem hiding this comment.
We should delete all the user's identities as well, right?
There was a problem hiding this comment.
@mrcasals Authorizations are anonymous and doesn't container user data so we are fine.
| @@ -106,6 +114,8 @@ export interface CommentDataFragment extends UpVoteButtonFragment, DownVoteButto | |||
| name: string, | |||
| // The author's avatar url | |||
| avatarUrl: string, | |||
| // Wheter the author's account has been deleted or not | |||
There was a problem hiding this comment.
This is auto-generated so I made the change but didn't regenerate the schema 😄
| @@ -0,0 +1,27 @@ | |||
| /** | |||
| * Since the delete account has a modal to confirm it we need to copy the content of the | |||
| * reason field to the hidden field in the form inside the modal. | |||
There was a problem hiding this comment.
What the hell? Is this a normal thing to do?
There was a problem hiding this comment.
No, it isn't. The problem is the foundation reveal is rendered outside the real form and it is also a copy of the template marked as a popup. I know it's not a perfect solution but I needed this to solve the problem.
| $deleteAccountModalForm.find('input#delete_account_delete_reason').val(reasonValue); | ||
| $modal.foundation('open'); | ||
| } catch (error) { | ||
| console.error(error); // eslint-disable-line no-console |
There was a problem hiding this comment.
Shouldn't we report this to Sentry instead of logging to the console
There was a problem hiding this comment.
We don't have sentry configured for js errors but I think it's a good idea. I will do it in a separate PR
decidim-core/config/locales/en.yml
Outdated
| @@ -13,6 +15,9 @@ en: | |||
| user_group_document_number: Organization document number | |||
| user_group_name: Organization name | |||
| user_group_phone: Organization phone | |||
| placeholders: | |||
| account: | |||
| delete_reason: Reason | |||
There was a problem hiding this comment.
Do you really need a placeholder here?
There was a problem hiding this comment.
I just copied the template but I think you are right.
decidim-core/config/locales/en.yml
Outdated
| @@ -2,6 +2,8 @@ | |||
| en: | |||
| activemodel: | |||
| attributes: | |||
| account: | |||
| delete_reason: Reason | |||
There was a problem hiding this comment.
I would change this to: "Reason to delete your account"
| field :avatarUrl, !types.String, "The author's avatar url" | ||
|
|
||
| field :deleted, !types.Boolean, "Wheter the author's account has been deleted or not" |
| @@ -13,11 +13,15 @@ module Decidim | |||
| field :name, !types.String, "The user's name" | |||
|
|
|||
| field :avatarUrl, !types.String, "The user's avatar url" do | |||
| resolve ->(obj, _args, _ctx) { obj.avatar.url } | |||
| resolve ->(obj, _args, _ctx) { obj.deleted? ? ActionController::Base.helpers.asset_path("decidim/default-avatar.svg") : obj.avatar.url } | |||
There was a problem hiding this comment.
This smells. Shouldn't we change the avatar to this when deleting the user? This way you don't need to check this value in the API level, you just change it when deleting the user.
There was a problem hiding this comment.
Ok, since we don't need to preserve the old ones I think it is fine.
| end | ||
|
|
||
| field :organizationName, !types.String, "The user's organization name" do | ||
| resolve ->(obj, _args, _ctx) { obj.organization.name } | ||
| end | ||
|
|
||
| field :deleted, !types.Boolean, "Whether the user's account has been deleted or not" do |
There was a problem hiding this comment.
field :deleted, type, "description", property: :deleted? should work just fine, and you avoid having to use the block
| @@ -11,11 +11,21 @@ | |||
| <div class="author-data__main"> | |||
| <div class="author author--inline"> | |||
| <span class="author__avatar"> | |||
| <%= image_tag @proposal.author_avatar_url %> | |||
| <% if @proposal.author&.deleted? %> | |||
| <%= image_tag ActionController::Base.helpers.asset_path("decidim/default-avatar.svg") %> | |||
There was a problem hiding this comment.
Same, changing the avatar when deleting the user will make you skip this logic in the views
| </span> | ||
| <%= l @proposal.created_at, format: :long %> | ||
| <span class="author__name"> | ||
| <%= @proposal.author_name %> | ||
| <% if @proposal.author&.deleted? %> |
There was a problem hiding this comment.
Don't we use this in the admin section too? We should update it there
There was a problem hiding this comment.
We are not displaying users in the admin section so I think it is not needed.
beagleknight
dismissed
mrcasals’s stale review
I made all the changes requested :D
🎩 What? Why?
This adds the deleting accounts feature. A user will be able to delete his account filling in an optional reason. The account will become inaccessible and anonymizes his data.
📌 Related Issues
📋 Subtasks
📷 Screenshots (optional)
👻 GIF