Nicolas Lœuillet
GitHub
commit
418626e836
@ -50,6 +50,8 @@ User information
|
||||
|
||||
You can change your name, your email address and enable ``Two factor authentication``.
|
||||
|
||||
If the wallabag instance has more than one enabled user, you can delete your account here. **Take care, we delete all your data**.
|
||||
|
||||
Two factor authentication
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
|
||||
@ -51,6 +51,8 @@ Mon compte
|
||||
|
||||
Vous pouvez ici modifier votre nom, votre adresse email et activer la ``Double authentification``.
|
||||
|
||||
Si l'instance de wallabag compte plus d'un utilisateur actif, vous pouvez supprimer ici votre compte. **Attention, nous supprimons toutes vos données**.
|
||||
|
||||
Double authentification (2FA)
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
|
||||
@ -77,7 +77,7 @@ class InstallCommand extends ContainerAwareCommand
|
||||
|
||||
// testing if database driver exists
|
||||
$fulfilled = true;
|
||||
$label = '<comment>PDO Driver</comment>';
|
||||
$label = '<comment>PDO Driver (%s)</comment>';
|
||||
$status = '<info>OK!</info>';
|
||||
$help = '';
|
||||
|
||||
@ -87,7 +87,7 @@ class InstallCommand extends ContainerAwareCommand
|
||||
$help = 'Database driver "'.$this->getContainer()->getParameter('database_driver').'" is not installed.';
|
||||
}
|
||||
|
||||
$rows[] = [$label, $status, $help];
|
||||
$rows[] = [sprintf($label, $this->getContainer()->getParameter('database_driver')), $status, $help];
|
||||
|
||||
// testing if connection to the database can be etablished
|
||||
$label = '<comment>Database connection</comment>';
|
||||
|
||||
@ -7,6 +7,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\Controller;
|
||||
use Symfony\Component\HttpFoundation\JsonResponse;
|
||||
use Symfony\Component\HttpFoundation\RedirectResponse;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||
use Wallabag\CoreBundle\Entity\Config;
|
||||
use Wallabag\CoreBundle\Entity\TaggingRule;
|
||||
use Wallabag\CoreBundle\Form\Type\ConfigType;
|
||||
@ -148,6 +149,9 @@ class ConfigController extends Controller
|
||||
'token' => $config->getRssToken(),
|
||||
],
|
||||
'twofactor_auth' => $this->getParameter('twofactor_auth'),
|
||||
'enabled_users' => $this->getDoctrine()
|
||||
->getRepository('WallabagUserBundle:User')
|
||||
->getSumEnabledUsers(),
|
||||
]);
|
||||
}
|
||||
|
||||
@ -251,4 +255,37 @@ class ConfigController extends Controller
|
||||
|
||||
return $config;
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete account for current user.
|
||||
*
|
||||
* @Route("/account/delete", name="delete_account")
|
||||
*
|
||||
* @param Request $request
|
||||
*
|
||||
* @throws AccessDeniedHttpException
|
||||
*
|
||||
* @return \Symfony\Component\HttpFoundation\RedirectResponse
|
||||
*/
|
||||
public function deleteAccountAction(Request $request)
|
||||
{
|
||||
$enabledUsers = $this->getDoctrine()
|
||||
->getRepository('WallabagUserBundle:User')
|
||||
->getSumEnabledUsers();
|
||||
|
||||
if ($enabledUsers <= 1) {
|
||||
throw new AccessDeniedHttpException();
|
||||
}
|
||||
|
||||
$user = $this->getUser();
|
||||
|
||||
// logout current user
|
||||
$this->get('security.token_storage')->setToken(null);
|
||||
$request->getSession()->invalidate();
|
||||
|
||||
$em = $this->get('fos_user.user_manager');
|
||||
$em->deleteUser($user);
|
||||
|
||||
return $this->redirect($this->generateUrl('fos_user_security_login'));
|
||||
}
|
||||
}
|
||||
|
||||
@ -88,6 +88,11 @@ config:
|
||||
name_label: 'Navn'
|
||||
email_label: 'Emailadresse'
|
||||
# twoFactorAuthentication_label: 'Two factor authentication'
|
||||
delete:
|
||||
# title: Delete my account (danger zone !)
|
||||
# description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
|
||||
# confirm: Are you really sure? (it can't be UNDONE)
|
||||
# button: Delete my account
|
||||
form_password:
|
||||
old_password_label: 'Gammel adgangskode'
|
||||
new_password_label: 'Ny adgangskode'
|
||||
|
||||
@ -88,6 +88,11 @@ config:
|
||||
name_label: 'Name'
|
||||
email_label: 'E-Mail-Adresse'
|
||||
twoFactorAuthentication_label: 'Zwei-Faktor-Authentifizierung'
|
||||
delete:
|
||||
# title: Delete my account (danger zone !)
|
||||
# description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
|
||||
# confirm: Are you really sure? (it can't be UNDONE)
|
||||
# button: Delete my account
|
||||
form_password:
|
||||
old_password_label: 'Altes Kennwort'
|
||||
new_password_label: 'Neues Kennwort'
|
||||
|
||||
@ -88,6 +88,11 @@ config:
|
||||
name_label: 'Name'
|
||||
email_label: 'Email'
|
||||
twoFactorAuthentication_label: 'Two factor authentication'
|
||||
delete:
|
||||
title: Delete my account (danger zone !)
|
||||
description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
|
||||
confirm: Are you really sure? (it can't be UNDONE)
|
||||
button: Delete my account
|
||||
form_password:
|
||||
old_password_label: 'Current password'
|
||||
new_password_label: 'New password'
|
||||
|
||||
@ -88,6 +88,11 @@ config:
|
||||
name_label: 'Nombre'
|
||||
email_label: 'Direccion e-mail'
|
||||
twoFactorAuthentication_label: 'Autentificación de dos factores'
|
||||
delete:
|
||||
# title: Delete my account (danger zone !)
|
||||
# description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
|
||||
# confirm: Are you really sure? (it can't be UNDONE)
|
||||
# button: Delete my account
|
||||
form_password:
|
||||
old_password_label: 'Contraseña actual'
|
||||
new_password_label: 'Nueva contraseña'
|
||||
|
||||
@ -88,6 +88,11 @@ config:
|
||||
name_label: 'نام'
|
||||
email_label: 'نشانی ایمیل'
|
||||
twoFactorAuthentication_label: 'تأیید ۲مرحلهای'
|
||||
delete:
|
||||
# title: Delete my account (danger zone !)
|
||||
# description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
|
||||
# confirm: Are you really sure? (it can't be UNDONE)
|
||||
# button: Delete my account
|
||||
form_password:
|
||||
old_password_label: 'رمز قدیمی'
|
||||
new_password_label: 'رمز تازه'
|
||||
|
||||
@ -88,6 +88,11 @@ config:
|
||||
name_label: 'Nom'
|
||||
email_label: 'Adresse e-mail'
|
||||
twoFactorAuthentication_label: 'Double authentification'
|
||||
delete:
|
||||
title: Supprimer mon compte (attention danger !)
|
||||
description: Si vous confirmez la suppression de votre compte, TOUS les articles, TOUS les tags, TOUTES les annotations et votre compte seront DÉFINITIVEMENT supprimé (c'est IRRÉVERSIBLE). Vous serez ensuite déconnecté.
|
||||
confirm: Vous êtes vraiment sûr ? (c'est IRRÉVERSIBLE !)
|
||||
button: 'Supprimer mon compte'
|
||||
form_password:
|
||||
old_password_label: 'Mot de passe actuel'
|
||||
new_password_label: 'Nouveau mot de passe'
|
||||
|
||||
@ -88,6 +88,11 @@ config:
|
||||
name_label: 'Nome'
|
||||
email_label: 'E-mail'
|
||||
twoFactorAuthentication_label: 'Two factor authentication'
|
||||
delete:
|
||||
# title: Delete my account (danger zone !)
|
||||
# description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
|
||||
# confirm: Are you really sure? (it can't be UNDONE)
|
||||
# button: Delete my account
|
||||
form_password:
|
||||
old_password_label: 'Password corrente'
|
||||
new_password_label: 'Nuova password'
|
||||
|
||||
@ -88,6 +88,11 @@ config:
|
||||
name_label: 'Nom'
|
||||
email_label: 'Adreça de corrièl'
|
||||
twoFactorAuthentication_label: 'Dobla autentificacion'
|
||||
delete:
|
||||
# title: Delete my account (danger zone !)
|
||||
# description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
|
||||
# confirm: Are you really sure? (it can't be UNDONE)
|
||||
# button: Delete my account
|
||||
form_password:
|
||||
old_password_label: 'Senhal actual'
|
||||
new_password_label: 'Senhal novèl'
|
||||
|
||||
@ -88,6 +88,11 @@ config:
|
||||
name_label: 'Nazwa'
|
||||
email_label: 'Adres email'
|
||||
twoFactorAuthentication_label: 'Autoryzacja dwuetapowa'
|
||||
delete:
|
||||
# title: Delete my account (danger zone !)
|
||||
# description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
|
||||
# confirm: Are you really sure? (it can't be UNDONE)
|
||||
# button: Delete my account
|
||||
form_password:
|
||||
old_password_label: 'Stare hasło'
|
||||
new_password_label: 'Nowe hasło'
|
||||
|
||||
@ -88,6 +88,11 @@ config:
|
||||
name_label: 'Nume'
|
||||
email_label: 'E-mail'
|
||||
# twoFactorAuthentication_label: 'Two factor authentication'
|
||||
delete:
|
||||
# title: Delete my account (danger zone !)
|
||||
# description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
|
||||
# confirm: Are you really sure? (it can't be UNDONE)
|
||||
# button: Delete my account
|
||||
form_password:
|
||||
old_password_label: 'Parola veche'
|
||||
new_password_label: 'Parola nouă'
|
||||
|
||||
@ -88,6 +88,11 @@ config:
|
||||
name_label: 'İsim'
|
||||
email_label: 'E-posta'
|
||||
twoFactorAuthentication_label: 'İki adımlı doğrulama'
|
||||
delete:
|
||||
# title: Delete my account (danger zone !)
|
||||
# description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
|
||||
# confirm: Are you really sure? (it can't be UNDONE)
|
||||
# button: Delete my account
|
||||
form_password:
|
||||
old_password_label: 'Eski şifre'
|
||||
new_password_label: 'Yeni şifre'
|
||||
|
||||
@ -150,6 +150,15 @@
|
||||
{{ form_widget(form.user.save) }}
|
||||
</form>
|
||||
|
||||
{% if enabled_users > 1 %}
|
||||
<h2>{{ 'config.form_user.delete.title'|trans }}</h2>
|
||||
|
||||
<p>{{ 'config.form_user.delete.description'|trans }}</p>
|
||||
<a href="{{ path('delete_account') }}" onclick="return confirm('{{ 'config.form_user.delete.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red delete-account">
|
||||
{{ 'config.form_user.delete.button'|trans }}
|
||||
</a>
|
||||
{% endif %}
|
||||
|
||||
<h2>{{ 'config.tab_menu.password'|trans }}</h2>
|
||||
|
||||
{{ form_start(form.pwd) }}
|
||||
|
||||
@ -167,6 +167,18 @@
|
||||
{{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }}
|
||||
{{ form_widget(form.user._token) }}
|
||||
</form>
|
||||
|
||||
{% if enabled_users > 1 %}
|
||||
<br /><hr /><br />
|
||||
|
||||
<div class="row">
|
||||
<h5>{{ 'config.form_user.delete.title'|trans }}</h5>
|
||||
<p>{{ 'config.form_user.delete.description'|trans }}</p>
|
||||
<a href="{{ path('delete_account') }}" onclick="return confirm('{{ 'config.form_user.delete.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red delete-account">
|
||||
{{ 'config.form_user.delete.button'|trans }}
|
||||
</a>
|
||||
</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
<div id="set4" class="col s12">
|
||||
|
||||
@ -38,4 +38,18 @@ class UserRepository extends EntityRepository
|
||||
->getQuery()
|
||||
->getSingleResult();
|
||||
}
|
||||
|
||||
/**
|
||||
* Count how many users are enabled.
|
||||
*
|
||||
* @return int
|
||||
*/
|
||||
public function getSumEnabledUsers()
|
||||
{
|
||||
return $this->createQueryBuilder('u')
|
||||
->select('count(u)')
|
||||
->andWhere('u.expired = false')
|
||||
->getQuery()
|
||||
->getSingleScalarResult();
|
||||
}
|
||||
}
|
||||
|
||||
@ -3,6 +3,8 @@
|
||||
namespace Tests\Wallabag\CoreBundle\Controller;
|
||||
|
||||
use Tests\Wallabag\CoreBundle\WallabagCoreTestCase;
|
||||
use Wallabag\CoreBundle\Entity\Config;
|
||||
use Wallabag\UserBundle\Entity\User;
|
||||
|
||||
class ConfigControllerTest extends WallabagCoreTestCase
|
||||
{
|
||||
@ -570,4 +572,122 @@ class ConfigControllerTest extends WallabagCoreTestCase
|
||||
$config->set('demo_mode_enabled', 0);
|
||||
$config->set('demo_mode_username', 'wallabag');
|
||||
}
|
||||
|
||||
public function testDeleteUserButtonVisibility()
|
||||
{
|
||||
$this->logInAs('admin');
|
||||
$client = $this->getClient();
|
||||
|
||||
$crawler = $client->request('GET', '/config');
|
||||
|
||||
$this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text']));
|
||||
$this->assertContains('config.form_user.delete.button', $body[0]);
|
||||
|
||||
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
|
||||
|
||||
$user = $em
|
||||
->getRepository('WallabagUserBundle:User')
|
||||
->findOneByUsername('empty');
|
||||
$user->setExpired(1);
|
||||
$em->persist($user);
|
||||
|
||||
$user = $em
|
||||
->getRepository('WallabagUserBundle:User')
|
||||
->findOneByUsername('bob');
|
||||
$user->setExpired(1);
|
||||
$em->persist($user);
|
||||
|
||||
$em->flush();
|
||||
|
||||
$crawler = $client->request('GET', '/config');
|
||||
|
||||
$this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text']));
|
||||
$this->assertNotContains('config.form_user.delete.button', $body[0]);
|
||||
|
||||
$client->request('GET', '/account/delete');
|
||||
$this->assertEquals(403, $client->getResponse()->getStatusCode());
|
||||
|
||||
$user = $em
|
||||
->getRepository('WallabagUserBundle:User')
|
||||
->findOneByUsername('empty');
|
||||
$user->setExpired(0);
|
||||
$em->persist($user);
|
||||
|
||||
$user = $em
|
||||
->getRepository('WallabagUserBundle:User')
|
||||
->findOneByUsername('bob');
|
||||
$user->setExpired(0);
|
||||
$em->persist($user);
|
||||
|
||||
$em->flush();
|
||||
}
|
||||
|
||||
public function testDeleteAccount()
|
||||
{
|
||||
$client = $this->getClient();
|
||||
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
|
||||
|
||||
$user = new User();
|
||||
$user->setName('Wallace');
|
||||
$user->setEmail('wallace@wallabag.org');
|
||||
$user->setUsername('wallace');
|
||||
$user->setPlainPassword('wallace');
|
||||
$user->setEnabled(true);
|
||||
$user->addRole('ROLE_SUPER_ADMIN');
|
||||
|
||||
$em->persist($user);
|
||||
|
||||
$config = new Config($user);
|
||||
|
||||
$config->setTheme('material');
|
||||
$config->setItemsPerPage(30);
|
||||
$config->setReadingSpeed(1);
|
||||
$config->setLanguage('en');
|
||||
$config->setPocketConsumerKey('xxxxx');
|
||||
|
||||
$em->persist($config);
|
||||
$em->flush();
|
||||
|
||||
$this->logInAs('wallace');
|
||||
$loggedInUserId = $this->getLoggedInUserId();
|
||||
|
||||
// create entry to check after user deletion
|
||||
// that this entry is also deleted
|
||||
$crawler = $client->request('GET', '/new');
|
||||
|
||||
$this->assertEquals(200, $client->getResponse()->getStatusCode());
|
||||
|
||||
$form = $crawler->filter('form[name=entry]')->form();
|
||||
$data = [
|
||||
'entry[url]' => $url = 'https://github.com/wallabag/wallabag',
|
||||
];
|
||||
|
||||
$client->submit($form, $data);
|
||||
$this->assertEquals(302, $client->getResponse()->getStatusCode());
|
||||
|
||||
$crawler = $client->request('GET', '/config');
|
||||
|
||||
$deleteLink = $crawler->filter('.delete-account')->last()->link();
|
||||
|
||||
$client->click($deleteLink);
|
||||
$this->assertEquals(302, $client->getResponse()->getStatusCode());
|
||||
|
||||
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
|
||||
$user = $em
|
||||
->getRepository('WallabagUserBundle:User')
|
||||
->createQueryBuilder('u')
|
||||
->where('u.username = :username')->setParameter('username', 'wallace')
|
||||
->getQuery()
|
||||
->getOneOrNullResult()
|
||||
;
|
||||
|
||||
$this->assertNull($user);
|
||||
|
||||
$entries = $client->getContainer()
|
||||
->get('doctrine.orm.entity_manager')
|
||||
->getRepository('WallabagCoreBundle:Entry')
|
||||
->findByUser($loggedInUserId);
|
||||
|
||||
$this->assertEmpty($entries);
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user