1
0

deletes_controller.rb 1.2 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849
  1. # frozen_string_literal: true
  2. class Settings::DeletesController < Settings::BaseController
  3. skip_before_action :require_functional!
  4. before_action :require_not_suspended!
  5. before_action :check_enabled_deletion
  6. def show
  7. @confirmation = Form::DeleteConfirmation.new
  8. end
  9. def destroy
  10. if challenge_passed?
  11. destroy_account!
  12. redirect_to new_user_session_path, notice: I18n.t('deletes.success_msg')
  13. else
  14. redirect_to settings_delete_path, alert: I18n.t('deletes.challenge_not_passed')
  15. end
  16. end
  17. private
  18. def check_enabled_deletion
  19. redirect_to root_path unless Setting.open_deletion
  20. end
  21. def resource_params
  22. params.require(:form_delete_confirmation).permit(:password, :username)
  23. end
  24. def require_not_suspended!
  25. forbidden if current_account.suspended?
  26. end
  27. def challenge_passed?
  28. if current_user.encrypted_password.blank?
  29. current_account.username == resource_params[:username]
  30. else
  31. current_user.valid_password?(resource_params[:password])
  32. end
  33. end
  34. def destroy_account!
  35. current_account.suspend!(origin: :local, block_email: false)
  36. AccountDeletionWorker.perform_async(current_user.account_id)
  37. sign_out
  38. end
  39. end