--- /dev/null
+<?php
+/**
+ * @copyright Copyright (C) 2010-2022, the Friendica project
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Friendica\Module\Settings;
+
+use Friendica\App;
+use Friendica\Core\Config\Capability\IManageConfigValues;
+use Friendica\Core\L10n;
+use Friendica\Core\Renderer;
+use Friendica\Core\Session\Capability\IHandleUserSessions;
+use Friendica\Database\Database;
+use Friendica\DI;
+use Friendica\Model\User;
+use Friendica\Model\User\Cookie;
+use Friendica\Module\BaseSettings;
+use Friendica\Module\Response;
+use Friendica\Navigation\SystemMessages;
+use Friendica\Util\Emailer;
+use Friendica\Util\Profiler;
+use Friendica\Util\Strings;
+use Psr\Log\LoggerInterface;
+
+class RemoveMe extends BaseSettings
+{
+ /** @var IHandleUserSessions */
+ private $session;
+ /** @var IManageConfigValues */
+ private $config;
+ /** @var Database */
+ private $database;
+ /** @var Emailer */
+ private $emailer;
+ /** @var SystemMessages */
+ private $systemMessages;
+ /** @var Cookie */
+ private $cookie;
+
+ public function __construct(Cookie $cookie, SystemMessages $systemMessages, Emailer $emailer, Database $database, IManageConfigValues $config, IHandleUserSessions $session, L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, Profiler $profiler, Response $response, array $server, array $parameters = [])
+ {
+ parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
+
+ $this->session = $session;
+ $this->config = $config;
+ $this->database = $database;
+ $this->emailer = $emailer;
+ $this->systemMessages = $systemMessages;
+ $this->cookie = $cookie;
+ }
+
+ protected function post(array $request = [])
+ {
+ if (!$this->session->getLocalUserId()) {
+ return;
+ }
+
+ if ($this->session->getSubManagedUserId()) {
+ return;
+ }
+
+ $hash = $this->session->pop('remove_account_verify');
+ if (empty($hash) || empty($request[$hash])) {
+ return;
+ }
+
+ try {
+ $userId = User::getIdFromPasswordAuthentication($this->session->getLocalUserId(), trim($request[$hash]));
+ } catch (\Throwable $e) {
+ $this->systemMessages->addNotice($e->getMessage());
+ return;
+ }
+
+ // send notification to admins so that they can clean up the backups
+ $admin_mails = explode(',', $this->config->get('config', 'admin_email'));
+ foreach ($admin_mails as $mail) {
+ $admin = $this->database->selectFirst('user', ['uid', 'language', 'email', 'username'], ['email' => trim($mail)]);
+ if (!$admin) {
+ continue;
+ }
+
+ $l10n = $this->l10n->withLang($admin['language']);
+
+ $email = $this->emailer
+ ->newSystemMail()
+ ->withMessage(
+ $l10n->t('[Friendica System Notify]') . ' ' . $l10n->t('User deleted their account'),
+ $l10n->t('On your Friendica node an user deleted their account. Please ensure that their data is removed from the backups.'),
+ $l10n->t('The user id is %d', $this->session->getLocalUserId()))
+ ->forUser($admin)
+ ->withRecipient($admin['email'])
+ ->build();
+ $this->emailer->send($email);
+ }
+
+ User::remove($userId);
+
+ $this->session->clear();
+ $this->cookie->clear();
+
+ $this->systemMessages->addInfo($this->t('Your user account has been successfully removed. Bye bye!'));
+ $this->baseUrl->redirect();
+ }
+
+ protected function content(array $request = []): string
+ {
+ parent::content();
+
+ if (!$this->session->getLocalUserId()) {
+ $this->systemMessages->addNotice($this->t('Permission denied.'));
+ $this->baseUrl->redirect();
+ }
+
+ $hash = Strings::getRandomHex();
+
+ $this->session->set('remove_account_verify', $hash);
+
+ $tpl = Renderer::getMarkupTemplate('settings/removeme.tpl');
+ return Renderer::replaceMacros($tpl, [
+ '$l10n' => [
+ 'title' => DI::l10n()->t('Remove My Account'),
+ 'desc' => DI::l10n()->t('This will completely remove your account. Once this has been done it is not recoverable.'),
+ ],
+ '$password' => [$hash, $this->t('Please enter your password for verification:'), null, null, true],
+ ]);
+ }
+}
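Review bot: In `post()` the admin notification loop runs before `User::remove($userId)`, and the result of that call is not checked, so admins are mailed "User deleted their account", the session and cookie are cleared, and the user is shown the success message even if the removal did not take place. Assuming `User::remove()` returns a success flag (not visible in this hunk), call it first and return early on failure, e.g. `if (!User::remove($userId)) { return; }` with a notice, and only then send the mails. Separately, `catch (\Throwable $e)` passes `$e->getMessage()` straight to `addNotice()`, which would show database or other internal error text to the user alongside the expected wrong-password message; catch only the exception type the authentication call is meant to throw and send anything else to the logger passed to the constructor. Finally, `explode(',', $this->config->get('config', 'admin_email'))` produces an empty entry when the setting is unset or has a trailing comma, so the loop should skip `trim($mail) === ''` before calling `selectFirst()`.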
$this->privacy_operate = $this->t('At the time of registration, and for providing communications between the user account and their contacts, the user has to provide a display name (pen name), an username (nickname) and a working email address. The names will be accessible on the profile page of the account by any visitor of the page, even if other profile details are not displayed. The email address will only be used to send the user notifications about interactions, but wont be visibly displayed. The listing of an account in the node\'s user directory or the global user directory is optional and can be controlled in the user settings, it is not necessary for communication.');
$this->privacy_distribute = $this->t('This data is required for communication and is passed on to the nodes of the communication partners and is stored there. Users can enter additional private data that may be transmitted to the communication partners accounts.');
- $this->privacy_delete = $this->t('At any point in time a logged in user can export their account data from the <a href="%1$s/settings/userexport">account settings</a>. If the user wants to delete their account they can do so at <a href="%1$s/removeme">%1$s/removeme</a>. The deletion of the account will be permanent. Deletion of the data will also be requested from the nodes of the communication partners.', $this->baseUrl);
+ $this->privacy_delete = $this->t('At any point in time a logged in user can export their account data from the <a href="%1$s/settings/userexport">account settings</a>. If the user wants to delete their account they can do so at <a href="%1$s/settings/removeme">%1$s/settings/removeme</a>. The deletion of the account will be permanent. Deletion of the data will also be requested from the nodes of the communication partners.', $this->baseUrl);
// In some cases we don't need every single one of the above separate, but all in one block.
// So here is an array to look over
$this->privacy_complete = [$this->t('Privacy Statement'), $this->privacy_operate,
'$privstatementtitle' => $this->t('Privacy Statement'),
'$privacy_operate' => $this->t('At the time of registration, and for providing communications between the user account and their contacts, the user has to provide a display name (pen name), an username (nickname) and a working email address. The names will be accessible on the profile page of the account by any visitor of the page, even if other profile details are not displayed. The email address will only be used to send the user notifications about interactions, but wont be visibly displayed. The listing of an account in the node\'s user directory or the global user directory is optional and can be controlled in the user settings, it is not necessary for communication.'),
'$privacy_distribute' => $this->t('This data is required for communication and is passed on to the nodes of the communication partners and is stored there. Users can enter additional private data that may be transmitted to the communication partners accounts.'),
- '$privacy_delete' => $this->t('At any point in time a logged in user can export their account data from the <a href="%1$s/settings/userexport">account settings</a>. If the user wants to delete their account they can do so at <a href="%1$s/removeme">%1$s/removeme</a>. The deletion of the account will be permanent. Deletion of the data will also be requested from the nodes of the communication partners.', $this->baseUrl)
+ '$privacy_delete' => $this->t('At any point in time a logged in user can export their account data from the <a href="%1$s/settings/userexport">account settings</a>. If the user wants to delete their account they can do so at <a href="%1$s/settings/removeme">%1$s/settings/removeme</a>. The deletion of the account will be permanent. Deletion of the data will also be requested from the nodes of the communication partners.', $this->baseUrl)
]);
} else {
return '';