Merge pull request #12141 from MrPetovan/task/4090-move-mod-removeme

Move mod/removeme.php to src/Module
This commit is contained in:
Philipp 2022-11-09 00:40:29 +01:00 committed by GitHub
commit 6af025246e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 217 additions and 202 deletions

View File

@ -5,7 +5,7 @@ Remove Account
We don't like to see people leave Friendica, but if you need to remove your account, you should visit the URL We don't like to see people leave Friendica, but if you need to remove your account, you should visit the URL
http://sitename/removeme http://sitename/settings/removeme
with your web browser. with your web browser.
You will need to be logged in at the time. You will need to be logged in at the time.

View File

@ -5,7 +5,7 @@ Accounts löschen
Wir freuen uns nicht, wenn Leute Friendica verlassen, aber wenn du deinen Account löschen willst, dann besuche die folgende URL Wir freuen uns nicht, wenn Leute Friendica verlassen, aber wenn du deinen Account löschen willst, dann besuche die folgende URL
[Lösche mich (http://NamederSeite/removeme)](../removeme) [Lösche mich (http://NamederSeite/settings/removeme)](../settings/removeme)
in deinem Webbrowser. Du musst dabei eingeloggt sein. in deinem Webbrowser. Du musst dabei eingeloggt sein.

View File

@ -1,108 +0,0 @@
<?php
/**
* @copyright Copyright (C) 2010-2022, the Friendica project
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
*/
use Friendica\App;
use Friendica\Core\Renderer;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Util\Strings;
function removeme_post(App $a)
{
if (!DI::userSession()->getLocalUserId()) {
return;
}
if (DI::userSession()->getSubManagedUserId()) {
return;
}
if (empty($_POST['qxz_password'])) {
return;
}
if (empty($_POST['verify'])) {
return;
}
if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
return;
}
// send notification to admins so that they can clean um the backups
// send email to admins
$admin_mails = explode(",", str_replace(" ", "", DI::config()->get('config', 'admin_email')));
foreach ($admin_mails as $mail) {
$admin = DBA::selectFirst('user', ['uid', 'language', 'email', 'username'], ['email' => $mail]);
if (!DBA::isResult($admin)) {
continue;
}
$l10n = DI::l10n()->withLang($admin['language']);
$email = DI::emailer()
->newSystemMail()
->withMessage(
$l10n->t('[Friendica System Notify]') . ' ' . $l10n->t('User deleted their account'),
$l10n->t('On your Friendica node an user deleted their account. Please ensure that their data is removed from the backups.'),
$l10n->t('The user id is %d', DI::userSession()->getLocalUserId()))
->forUser($admin)
->withRecipient($admin['email'])
->build();
DI::emailer()->send($email);
}
if (User::getIdFromPasswordAuthentication($a->getLoggedInUserId(), trim($_POST['qxz_password']))) {
User::remove($a->getLoggedInUserId());
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);
DI::baseUrl()->redirect();
// NOTREACHED
}
}
function removeme_content(App $a)
{
if (!DI::userSession()->getLocalUserId()) {
DI::baseUrl()->redirect();
}
$hash = Strings::getRandomHex();
require_once("mod/settings.php");
settings_init($a);
$_SESSION['remove_account_verify'] = $hash;
$tpl = Renderer::getMarkupTemplate('removeme.tpl');
$o = Renderer::replaceMacros($tpl, [
'$basedir' => DI::baseUrl()->get(),
'$hash' => $hash,
'$title' => DI::l10n()->t('Remove My Account'),
'$desc' => DI::l10n()->t('This will completely remove your account. Once this has been done it is not recoverable.'),
'$passwd' => DI::l10n()->t('Please enter your password for verification:'),
'$submit' => DI::l10n()->t('Remove My Account')
]);
return $o;
}

View File

@ -1418,7 +1418,7 @@ class User
If you are new and do not know anybody here, they may help If you are new and do not know anybody here, they may help
you to make some new and interesting friends. you to make some new and interesting friends.
If you ever want to delete your account, you can do so at %1$s/removeme If you ever want to delete your account, you can do so at %1$s/settings/removeme
Thank you and welcome to %4$s.')); Thank you and welcome to %4$s.'));
@ -1522,7 +1522,7 @@ class User
If you are new and do not know anybody here, they may help If you are new and do not know anybody here, they may help
you to make some new and interesting friends. you to make some new and interesting friends.
If you ever want to delete your account, you can do so at %3$s/removeme If you ever want to delete your account, you can do so at %3$s/settings/removeme
Thank you and welcome to %2$s.', Thank you and welcome to %2$s.',
$user['nickname'], $user['nickname'],

View File

@ -111,8 +111,8 @@ class BaseSettings extends BaseModule
$tabs[] = [ $tabs[] = [
'label' => DI::l10n()->t('Remove account'), 'label' => DI::l10n()->t('Remove account'),
'url' => 'removeme', 'url' => 'settings/removeme',
'selected' => ((DI::args()->getArgc() == 1) && (DI::args()->getArgv() === 'removeme') ? 'active' : ''), 'selected' => static::class === Settings\RemoveMe::class ? 'active' : '',
'accesskey' => 'r', 'accesskey' => 'r',
]; ];

View File

@ -0,0 +1,143 @@
<?php
/**
* @copyright Copyright (C) 2010-2022, the Friendica project
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
*/
namespace Friendica\Module\Settings;
use Friendica\App;
use Friendica\Core\Config\Capability\IManageConfigValues;
use Friendica\Core\L10n;
use Friendica\Core\Renderer;
use Friendica\Core\Session\Capability\IHandleUserSessions;
use Friendica\Database\Database;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Model\User\Cookie;
use Friendica\Module\BaseSettings;
use Friendica\Module\Response;
use Friendica\Navigation\SystemMessages;
use Friendica\Util\Emailer;
use Friendica\Util\Profiler;
use Friendica\Util\Strings;
use Psr\Log\LoggerInterface;
class RemoveMe extends BaseSettings
{
/** @var IHandleUserSessions */
private $session;
/** @var IManageConfigValues */
private $config;
/** @var Database */
private $database;
/** @var Emailer */
private $emailer;
/** @var SystemMessages */
private $systemMessages;
/** @var Cookie */
private $cookie;
public function __construct(Cookie $cookie, SystemMessages $systemMessages, Emailer $emailer, Database $database, IManageConfigValues $config, IHandleUserSessions $session, L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, Profiler $profiler, Response $response, array $server, array $parameters = [])
{
parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
$this->session = $session;
$this->config = $config;
$this->database = $database;
$this->emailer = $emailer;
$this->systemMessages = $systemMessages;
$this->cookie = $cookie;
}
protected function post(array $request = [])
{
if (!$this->session->getLocalUserId()) {
return;
}
if ($this->session->getSubManagedUserId()) {
return;
}
$hash = $this->session->pop('remove_account_verify');
if (empty($hash) || empty($request[$hash])) {
return;
}
try {
$userId = User::getIdFromPasswordAuthentication($this->session->getLocalUserId(), trim($request[$hash]));
} catch (\Throwable $e) {
$this->systemMessages->addNotice($e->getMessage());
return;
}
// send notification to admins so that they can clean up the backups
$admin_mails = explode(',', $this->config->get('config', 'admin_email'));
foreach ($admin_mails as $mail) {
$admin = $this->database->selectFirst('user', ['uid', 'language', 'email', 'username'], ['email' => trim($mail)]);
if (!$admin) {
continue;
}
$l10n = $this->l10n->withLang($admin['language']);
$email = $this->emailer
->newSystemMail()
->withMessage(
$l10n->t('[Friendica System Notify]') . ' ' . $l10n->t('User deleted their account'),
$l10n->t('On your Friendica node an user deleted their account. Please ensure that their data is removed from the backups.'),
$l10n->t('The user id is %d', $this->session->getLocalUserId()))
->forUser($admin)
->withRecipient($admin['email'])
->build();
$this->emailer->send($email);
}
User::remove($userId);
$this->session->clear();
$this->cookie->clear();
$this->systemMessages->addInfo($this->t('Your user account has been successfully removed. Bye bye!'));
$this->baseUrl->redirect();
}
protected function content(array $request = []): string
{
parent::content();
if (!$this->session->getLocalUserId()) {
$this->systemMessages->addNotice($this->t('Permission denied.'));
$this->baseUrl->redirect();
}
$hash = Strings::getRandomHex();
$this->session->set('remove_account_verify', $hash);
$tpl = Renderer::getMarkupTemplate('settings/removeme.tpl');
return Renderer::replaceMacros($tpl, [
'$l10n' => [
'title' => DI::l10n()->t('Remove My Account'),
'desc' => DI::l10n()->t('This will completely remove your account. Once this has been done it is not recoverable.'),
],
'$password' => [$hash, $this->t('Please enter your password for verification:'), null, null, true],
]);
}
}

View File

@ -56,7 +56,7 @@ class Tos extends BaseModule
$this->privacy_operate = $this->t('At the time of registration, and for providing communications between the user account and their contacts, the user has to provide a display name (pen name), an username (nickname) and a working email address. The names will be accessible on the profile page of the account by any visitor of the page, even if other profile details are not displayed. The email address will only be used to send the user notifications about interactions, but wont be visibly displayed. The listing of an account in the node\'s user directory or the global user directory is optional and can be controlled in the user settings, it is not necessary for communication.'); $this->privacy_operate = $this->t('At the time of registration, and for providing communications between the user account and their contacts, the user has to provide a display name (pen name), an username (nickname) and a working email address. The names will be accessible on the profile page of the account by any visitor of the page, even if other profile details are not displayed. The email address will only be used to send the user notifications about interactions, but wont be visibly displayed. The listing of an account in the node\'s user directory or the global user directory is optional and can be controlled in the user settings, it is not necessary for communication.');
$this->privacy_distribute = $this->t('This data is required for communication and is passed on to the nodes of the communication partners and is stored there. Users can enter additional private data that may be transmitted to the communication partners accounts.'); $this->privacy_distribute = $this->t('This data is required for communication and is passed on to the nodes of the communication partners and is stored there. Users can enter additional private data that may be transmitted to the communication partners accounts.');
$this->privacy_delete = $this->t('At any point in time a logged in user can export their account data from the <a href="%1$s/settings/userexport">account settings</a>. If the user wants to delete their account they can do so at <a href="%1$s/removeme">%1$s/removeme</a>. The deletion of the account will be permanent. Deletion of the data will also be requested from the nodes of the communication partners.', $this->baseUrl); $this->privacy_delete = $this->t('At any point in time a logged in user can export their account data from the <a href="%1$s/settings/userexport">account settings</a>. If the user wants to delete their account they can do so at <a href="%1$s/settings/removeme">%1$s/settings/removeme</a>. The deletion of the account will be permanent. Deletion of the data will also be requested from the nodes of the communication partners.', $this->baseUrl);
// In some cases we don't need every single one of the above separate, but all in one block. // In some cases we don't need every single one of the above separate, but all in one block.
// So here is an array to look over // So here is an array to look over
$this->privacy_complete = [$this->t('Privacy Statement'), $this->privacy_operate, $this->privacy_complete = [$this->t('Privacy Statement'), $this->privacy_operate,
@ -90,7 +90,7 @@ class Tos extends BaseModule
'$privstatementtitle' => $this->t('Privacy Statement'), '$privstatementtitle' => $this->t('Privacy Statement'),
'$privacy_operate' => $this->t('At the time of registration, and for providing communications between the user account and their contacts, the user has to provide a display name (pen name), an username (nickname) and a working email address. The names will be accessible on the profile page of the account by any visitor of the page, even if other profile details are not displayed. The email address will only be used to send the user notifications about interactions, but wont be visibly displayed. The listing of an account in the node\'s user directory or the global user directory is optional and can be controlled in the user settings, it is not necessary for communication.'), '$privacy_operate' => $this->t('At the time of registration, and for providing communications between the user account and their contacts, the user has to provide a display name (pen name), an username (nickname) and a working email address. The names will be accessible on the profile page of the account by any visitor of the page, even if other profile details are not displayed. The email address will only be used to send the user notifications about interactions, but wont be visibly displayed. The listing of an account in the node\'s user directory or the global user directory is optional and can be controlled in the user settings, it is not necessary for communication.'),
'$privacy_distribute' => $this->t('This data is required for communication and is passed on to the nodes of the communication partners and is stored there. Users can enter additional private data that may be transmitted to the communication partners accounts.'), '$privacy_distribute' => $this->t('This data is required for communication and is passed on to the nodes of the communication partners and is stored there. Users can enter additional private data that may be transmitted to the communication partners accounts.'),
'$privacy_delete' => $this->t('At any point in time a logged in user can export their account data from the <a href="%1$s/settings/userexport">account settings</a>. If the user wants to delete their account they can do so at <a href="%1$s/removeme">%1$s/removeme</a>. The deletion of the account will be permanent. Deletion of the data will also be requested from the nodes of the communication partners.', $this->baseUrl) '$privacy_delete' => $this->t('At any point in time a logged in user can export their account data from the <a href="%1$s/settings/userexport">account settings</a>. If the user wants to delete their account they can do so at <a href="%1$s/settings/removeme">%1$s/settings/removeme</a>. The deletion of the account will be permanent. Deletion of the data will also be requested from the nodes of the communication partners.', $this->baseUrl)
]); ]);
} else { } else {
return ''; return '';

View File

@ -605,6 +605,7 @@ return [
'/photo[/new]' => [Module\Settings\Profile\Photo\Index::class, [R::GET, R::POST]], '/photo[/new]' => [Module\Settings\Profile\Photo\Index::class, [R::GET, R::POST]],
'/photo/crop/{guid}' => [Module\Settings\Profile\Photo\Crop::class, [R::GET, R::POST]], '/photo/crop/{guid}' => [Module\Settings\Profile\Photo\Crop::class, [R::GET, R::POST]],
], ],
'/removeme' => [Module\Settings\RemoveMe::class, [R::GET, R::POST]],
'/userexport[/{action}]' => [Module\Settings\UserExport::class, [R::GET ]], '/userexport[/{action}]' => [Module\Settings\UserExport::class, [R::GET ]],
], ],

View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: 2022.12-dev\n" "Project-Id-Version: 2022.12-dev\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2022-11-08 09:11-0500\n" "POT-Creation-Date: 2022-11-08 17:50-0500\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@ -67,7 +67,8 @@ msgstr ""
#: src/Module/Settings/Display.php:119 #: src/Module/Settings/Display.php:119
#: src/Module/Settings/Profile/Photo/Crop.php:165 #: src/Module/Settings/Profile/Photo/Crop.php:165
#: src/Module/Settings/Profile/Photo/Index.php:111 #: src/Module/Settings/Profile/Photo/Index.php:111
#: src/Module/Settings/UserExport.php:84 src/Module/Settings/UserExport.php:118 #: src/Module/Settings/RemoveMe.php:126 src/Module/Settings/UserExport.php:84
#: src/Module/Settings/UserExport.php:118
#: src/Module/Settings/UserExport.php:219 #: src/Module/Settings/UserExport.php:219
#: src/Module/Settings/UserExport.php:239 #: src/Module/Settings/UserExport.php:239
#: src/Module/Settings/UserExport.php:304 src/Module/User/Import.php:84 #: src/Module/Settings/UserExport.php:304 src/Module/User/Import.php:84
@ -928,40 +929,6 @@ msgstr ""
msgid "Contact not found." msgid "Contact not found."
msgstr "" msgstr ""
#: mod/removeme.php:65 src/Navigation/Notifications/Repository/Notify.php:467
#: src/Navigation/Notifications/Repository/Notify.php:488
msgid "[Friendica System Notify]"
msgstr ""
#: mod/removeme.php:65
msgid "User deleted their account"
msgstr ""
#: mod/removeme.php:66
msgid ""
"On your Friendica node an user deleted their account. Please ensure that "
"their data is removed from the backups."
msgstr ""
#: mod/removeme.php:67
#, php-format
msgid "The user id is %d"
msgstr ""
#: mod/removeme.php:101 mod/removeme.php:104
msgid "Remove My Account"
msgstr ""
#: mod/removeme.php:102
msgid ""
"This will completely remove your account. Once this has been done it is not "
"recoverable."
msgstr ""
#: mod/removeme.php:103
msgid "Please enter your password for verification:"
msgstr ""
#: mod/settings.php:122 #: mod/settings.php:122
msgid "Failed to connect with email account using the settings provided." msgid "Failed to connect with email account using the settings provided."
msgstr "" msgstr ""
@ -3880,7 +3847,8 @@ msgid ""
"\t\tIf you are new and do not know anybody here, they may help\n" "\t\tIf you are new and do not know anybody here, they may help\n"
"\t\tyou to make some new and interesting friends.\n" "\t\tyou to make some new and interesting friends.\n"
"\n" "\n"
"\t\tIf you ever want to delete your account, you can do so at %1$s/removeme\n" "\t\tIf you ever want to delete your account, you can do so at %1$s/settings/"
"removeme\n"
"\n" "\n"
"\t\tThank you and welcome to %4$s." "\t\tThank you and welcome to %4$s."
msgstr "" msgstr ""
@ -3954,7 +3922,7 @@ msgid ""
"\t\t\tyou to make some new and interesting friends.\n" "\t\t\tyou to make some new and interesting friends.\n"
"\n" "\n"
"\t\t\tIf you ever want to delete your account, you can do so at %3$s/" "\t\t\tIf you ever want to delete your account, you can do so at %3$s/"
"removeme\n" "settings/removeme\n"
"\n" "\n"
"\t\t\tThank you and welcome to %2$s." "\t\t\tThank you and welcome to %2$s."
msgstr "" msgstr ""
@ -9830,6 +9798,45 @@ msgstr ""
msgid "select a photo from your photo albums" msgid "select a photo from your photo albums"
msgstr "" msgstr ""
#: src/Module/Settings/RemoveMe.php:103
#: src/Navigation/Notifications/Repository/Notify.php:467
#: src/Navigation/Notifications/Repository/Notify.php:488
msgid "[Friendica System Notify]"
msgstr ""
#: src/Module/Settings/RemoveMe.php:103
msgid "User deleted their account"
msgstr ""
#: src/Module/Settings/RemoveMe.php:104
msgid ""
"On your Friendica node an user deleted their account. Please ensure that "
"their data is removed from the backups."
msgstr ""
#: src/Module/Settings/RemoveMe.php:105
#, php-format
msgid "The user id is %d"
msgstr ""
#: src/Module/Settings/RemoveMe.php:117
msgid "Your user account has been successfully removed. Bye bye!"
msgstr ""
#: src/Module/Settings/RemoveMe.php:137
msgid "Remove My Account"
msgstr ""
#: src/Module/Settings/RemoveMe.php:138
msgid ""
"This will completely remove your account. Once this has been done it is not "
"recoverable."
msgstr ""
#: src/Module/Settings/RemoveMe.php:140
msgid "Please enter your password for verification:"
msgstr ""
#: src/Module/Settings/TwoFactor/AppSpecific.php:65 #: src/Module/Settings/TwoFactor/AppSpecific.php:65
#: src/Module/Settings/TwoFactor/Recovery.php:63 #: src/Module/Settings/TwoFactor/Recovery.php:63
#: src/Module/Settings/TwoFactor/Trusted.php:66 #: src/Module/Settings/TwoFactor/Trusted.php:66
@ -10184,9 +10191,10 @@ msgstr ""
msgid "" msgid ""
"At any point in time a logged in user can export their account data from the " "At any point in time a logged in user can export their account data from the "
"<a href=\"%1$s/settings/userexport\">account settings</a>. If the user wants " "<a href=\"%1$s/settings/userexport\">account settings</a>. If the user wants "
"to delete their account they can do so at <a href=\"%1$s/removeme\">%1$s/" "to delete their account they can do so at <a href=\"%1$s/settings/removeme\">"
"removeme</a>. The deletion of the account will be permanent. Deletion of the " "%1$s/settings/removeme</a>. The deletion of the account will be permanent. "
"data will also be requested from the nodes of the communication partners." "Deletion of the data will also be requested from the nodes of the "
"communication partners."
msgstr "" msgstr ""
#: src/Module/Tos.php:62 src/Module/Tos.php:90 #: src/Module/Tos.php:62 src/Module/Tos.php:90

View File

@ -1,21 +0,0 @@
<h1>{{$title}}</h1>
<div id="remove-account-wrapper">
<div id="remove-account-desc">{{$desc nofilter}}</div>
<form action="{{$basedir}}/removeme" autocomplete="off" method="post">
<input type="hidden" name="verify" value="{{$hash}}" />
<div id="remove-account-pass-wrapper">
<label id="remove-account-pass-label" for="remove-account-pass">{{$passwd}}</label>
<input type="password" id="remove-account-pass" name="qxz_password" />
</div>
<div id="remove-account-pass-end"></div>
<input type="submit" name="submit" value="{{$submit}}" />
</form>
</div>

View File

@ -0,0 +1,16 @@
<div class="generic-page-wrapper">
{{include file="section_title.tpl" title=$l10n.title}}
<div id="remove-account-wrapper">
<div id="remove-account-desc">{{$l10n.desc nofilter}}</div>
<form action="settings/removeme" autocomplete="off" method="post">
{{include file="field_password.tpl" field=$password}}
<div class="form-group pull-right settings-submit-wrapper">
<button type="submit" name="submit" class="btn btn-primary" value="{{$l10n.title}}"><i class="fa fa-trash fa-fw"></i>&nbsp;{{$l10n.title}}</button>
</div>
<div class="clear"></div>
</form>
</div>
</div>

View File

@ -1,24 +0,0 @@
<div class="generic-page-wrapper">
{{* include the title template for the settings title *}}
{{include file="section_title.tpl" title=$title }}
<div id="remove-account-wrapper">
<div id="remove-account-desc">{{$desc nofilter}}</div>
<form action="{{$basedir}}/removeme" autocomplete="off" method="post">
<input type="hidden" name="verify" value="{{$hash}}" />
<div id="remove-account-pass-wrapper" class="form-group">
<label id="remove-account-pass-label" for="remove-account-pass">{{$passwd}}</label>
<input type="password" id="remove-account-pass" class="form-control" name="qxz_password" />
</div>
<div id="remove-account-pass-end"></div>
<div class="form-group pull-right settings-submit-wrapper">
<button type="submit" name="submit" class="btn btn-primary" value="{{$submit}}"><i class="fa fa-trash fa-fw"></i>&nbsp;{{$submit}}</button>
</div>
<div class="clear"></div>
</form>
</div>
</div>