diff --git a/app/assets/stylesheets/application.css b/app/assets/stylesheets/application.css
index f1a78d8..b900693 100644
--- a/app/assets/stylesheets/application.css
+++ b/app/assets/stylesheets/application.css
@@ -507,12 +507,12 @@ li .byline a {
color: #888;
text-decoration: none;
}
-.new_user,
+span.new_user, a.new_user,
li .byline a.new_user {
color: green;
}
-.banned_user,
-li .byline a.banned_user {
+span.inactive_user, a.inactive_user,
+li .byline a.inactive_user {
color: gray;
text-decoration: line-through;
}
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 05e7f6d..ee9be60 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -10,7 +10,7 @@ class ApplicationController < ActionController::Base
def authenticate_user
if session[:u] &&
(user = User.where(:session_token => session[:u].to_s).first) &&
- !user.is_banned?
+ user.is_active?
@user = user
Rails.logger.info " Logged in as user #{@user.id} (#{@user.username})"
end
diff --git a/app/controllers/login_controller.rb b/app/controllers/login_controller.rb
index ec793e4..f604cde 100644
--- a/app/controllers/login_controller.rb
+++ b/app/controllers/login_controller.rb
@@ -21,7 +21,7 @@ class LoginController < ApplicationController
user = User.where(:username => params[:email]).first
end
- if user && !user.is_banned? &&
+ if user && user.is_active? &&
user.try(:authenticate, params[:password].to_s)
session[:u] = user.session_token
return redirect_to "/"
@@ -70,7 +70,7 @@ class LoginController < ApplicationController
# this will get reset upon save
@reset_user.session_token = nil
- if @reset_user.save && !@reset_user.is_banned?
+ if @reset_user.save && @reset_user.is_active?
session[:u] = @reset_user.session_token
return redirect_to "/"
end
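Review bot: `@reset_user.save` runs before the `is_active?` test, so for a deleted or banned account the changes assigned above this hunk (presumably the new password) and the regenerated session token are still persisted. Only the automatic login is skipped. If a reset should leave inactive accounts untouched, test the state first: `if @reset_user.is_active? && @reset_user.save`. The action starts and ends outside the hunk, so the fall-through response for an inactive account cannot be checked from here.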
diff --git a/app/controllers/settings_controller.rb b/app/controllers/settings_controller.rb
index 36ced71..dffa335 100644
--- a/app/controllers/settings_controller.rb
+++ b/app/controllers/settings_controller.rb
@@ -7,6 +7,18 @@ class SettingsController < ApplicationController
@edit_user = @user.dup
end
+ def delete_account
+ if @user.try(:authenticate, params[:user][:password].to_s)
+ @user.delete!
+ reset_session
+ flash[:success] = "Your account has been deleted."
+ return redirect_to "/"
+ end
+
+ flash[:error] = "Your password could not be verified."
+ return redirect_to settings_url
+ end
+
def update
@edit_user = @user.clone
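Review bot: In `delete_account`, `params[:user][:password]` raises NoMethodError when the POST carries no `user` parameter, so a malformed request returns a 500 instead of the "could not be verified" branch. Read it defensively, e.g. `password = (params[:user] || {})[:password].to_s`, and pass that to `authenticate`. The `@user.try(...)` suggests `@user` can be nil at this point. No login filter for this action is visible in the hunk, so confirm that one covers it. A one-line comment such as `# irreversible: requires the current password, then ends the session` would help the next reader.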
diff --git a/app/controllers/stories_controller.rb b/app/controllers/stories_controller.rb
index c28eb65..7943e22 100644
--- a/app/controllers/stories_controller.rb
+++ b/app/controllers/stories_controller.rb
@@ -2,10 +2,11 @@ class StoriesController < ApplicationController
before_filter :require_logged_in_user_or_400,
:only => [ :upvote, :downvote, :unvote, :preview ]
- before_filter :require_logged_in_user, :only => [ :delete, :create, :edit,
+ before_filter :require_logged_in_user, :only => [ :destroy, :create, :edit,
:fetch_url_title, :new ]
- before_filter :find_user_story, :only => [ :destroy, :edit, :undelete, :update ]
+ before_filter :find_user_story, :only => [ :destroy, :edit, :undelete,
+ :update ]
def create
@title = "Submit Story"
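Review bot: `:undelete` and `:update` go through `find_user_story` but are still missing from the `require_logged_in_user` list, which now covers `:destroy` and `:edit`. Whether `find_user_story` itself rejects a request with no `@user` is not visible in this hunk. If it does not, those two actions rely on it failing rather than on an explicit login check. Listing them makes the intent explicit: `:only => [ :destroy, :create, :edit, :fetch_url_title, :new, :undelete, :update ]`.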
diff --git a/app/models/user.rb b/app/models/user.rb
index 2ee3af6..a1d6253 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -18,6 +18,7 @@ class User < ActiveRecord::Base
:class_name => "User"
belongs_to :banned_by_user,
:class_name => "User"
+ has_many :invitations
has_secure_password
@@ -38,7 +39,7 @@ class User < ActiveRecord::Base
attr_accessible :username, :email, :password, :password_confirmation,
:about, :email_replies, :pushover_replies, :pushover_user_key,
:pushover_device, :email_messages, :pushover_messages, :email_mentions,
- :pushover_mentions, :mailing_list_enabled
+ :pushover_mentions, :mailing_list_enabled, :delete_me
before_save :check_session_token
before_validation :on => :create do
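Review bot: `:delete_me` is added to `attr_accessible`, but nothing in this diff reads or defines it: `delete_account` authenticates with `params[:user][:password]` and calls `delete!` directly. If a `delete_me` accessor or callback exists elsewhere, any mass-assigning action could set it from request parameters without the password check. `update` is one candidate, though its body is outside this diff. If nothing uses it, it only widens the mass-assignment whitelist. Unless a visible consumer needs it, keep the list as it was: `:pushover_mentions, :mailing_list_enabled`.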
@@ -80,10 +81,7 @@ class User < ActiveRecord::Base
self.banned_by_user_id = banner.id
self.banned_reason = reason
- self.session_token = nil
- self.check_session_token
-
- self.save!
+ self.delete!
BanNotification.notify(self, banner, reason)
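Review bot: Banning now calls `delete!`, so a ban also stamps `deleted_at`, marks the user's comments and messages deleted and destroys their invitations, rather than only invalidating the session as the removed lines did. A banned account therefore cannot be told apart from a self-deleted one by `deleted_at`. No unban path is visible here, but one that cleared only `banned_at` would leave `is_active?` false with the content still removed. If that is intended, say so at the call site, e.g. `# ban is destructive: delete! also sets deleted_at and removes comments, messages and invitations`. Otherwise keep the session-token reset here and leave `delete!` to account deletion. The enclosing method starts and ends outside the hunk.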
@@ -124,6 +122,29 @@ class User < ActiveRecord::Base
Keystore.value_for("user:#{self.id}:comments_posted").to_i
end
+ def delete!
+ User.transaction do
+ self.comments.each{|c| c.delete_for_user(self) }
+
+ self.sent_messages.each do |m|
+ m.deleted_by_author = true
+ m.save
+ end
+ self.received_messages.each do |m|
+ m.deleted_by_recipient = true
+ m.save
+ end
+
+ self.invitations.destroy_all
+
+ self.session_token = nil
+ self.check_session_token
+
+ self.deleted_at = Time.now
+ self.save!
+ end
+ end
+
def initiate_password_reset_for_ip(ip)
self.password_reset_token = Utils.random_str(40)
self.save!
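Review bot: Inside `delete!` both message loops call `m.save` and ignore the result, so a message that fails validation stays visible while the transaction still commits and the account is marked deleted. Use `m.save!` in both loops so that a failure rolls back the whole `User.transaction`, matching the `self.save!` at the end. The messages are also only flagged per side (`deleted_by_author`, `deleted_by_recipient`), so the other party presumably keeps their copy. The settings page text "your private messages will be deleted" may overstate that. A short doc comment on `delete!` listing what is removed, what is only flagged and what is kept (stories, username) would make the privacy contract explicit.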
@@ -131,6 +152,10 @@ class User < ActiveRecord::Base
PasswordReset.password_reset_link(self, ip).deliver
end
+ def is_active?
+ !(deleted_at? || is_banned?)
+ end
+
def is_banned?
banned_at?
end
diff --git a/app/views/comments/_comment.html.erb b/app/views/comments/_comment.html.erb
index 5fec451..b02ecf7 100644
--- a/app/views/comments/_comment.html.erb
+++ b/app/views/comments/_comment.html.erb
@@ -29,8 +29,8 @@ class="comment <%= comment.current_vote ? (comment.current_vote[:vote] == 1 ?
just now
<% else %>
- class="banned_user"
+ <% if !comment.user.is_active? %>
+ class="inactive_user"
<% elsif comment.user.is_new? %>
class="new_user"
<% end %>
diff --git a/app/views/settings/index.html.erb b/app/views/settings/index.html.erb
index d011893..b0a9234 100644
--- a/app/views/settings/index.html.erb
+++ b/app/views/settings/index.html.erb
@@ -165,6 +165,32 @@
+ To permanently delete your account, verify your current password below.
+ Your account will be put into a deleted state, your comments will be marked
+ as deleted and no longer readable by any other users, and your private
+ messages will be deleted. Your submitted stories will not be deleted.
+ Your username will remain reserved and will not be available to use on any
+ other account.
+
+ <%= form_for @edit_user, :url => delete_account_url, :method => :post do |f| %>
+
+ <%= f.submit "Yes, Delete My Account" %>
+ <% end %>
+
+
+
+