deletes_controller.rb 1.1 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344
  1. # frozen_string_literal: true
  2. class Settings::DeletesController < Settings::BaseController
  3. skip_before_action :require_functional!
  4. before_action :require_not_suspended!
  5. def show
  6. @confirmation = Form::DeleteConfirmation.new
  7. end
  8. def destroy
  9. if challenge_passed?
  10. destroy_account!
  11. redirect_to new_user_session_path, notice: I18n.t('deletes.success_msg')
  12. else
  13. redirect_to settings_delete_path, alert: I18n.t('deletes.challenge_not_passed')
  14. end
  15. end
  16. private
  17. def resource_params
  18. params.require(:form_delete_confirmation).permit(:password, :username)
  19. end
  20. def require_not_suspended!
  21. forbidden if current_account.unavailable?
  22. end
  23. def challenge_passed?
  24. if current_user.encrypted_password.blank?
  25. current_account.username == resource_params[:username]
  26. else
  27. current_user.valid_password?(resource_params[:password])
  28. end
  29. end
  30. def destroy_account!
  31. current_account.suspend!(origin: :local, block_email: false)
  32. AccountDeletionWorker.perform_async(current_user.account_id)
  33. sign_out
  34. end
  35. end