xaizek / rocketgit (License: AGPLv3+) (since 2018-12-09)
Light and fast Git hosting solution suitable to serve both as a hub or as a personal code storage with its tickets, pull requests, API and much more.
Clone URLs: https://code.reversed.top/user/xaizek/rocketgit ssh://rocketgit@code.reversed.top/user/xaizek/rocketgit
v0.0 v0.1 v0.10 v0.11 v0.12 v0.13 v0.14 v0.15 v0.17 v0.18 v0.19 v0.2 v0.20 v0.21 v0.22 v0.23 v0.24 v0.25 v0.27 v0.28 v0.29 v0.31 v0.32 v0.33 v0.34 v0.35 v0.36 v0.38 v0.39 v0.40 v0.41 v0.42 v0.43 v0.44 v0.45 v0.46 v0.47 v0.48 v0.49 v0.50 v0.51 v0.52 v0.53 v0.54 v0.55 v0.56 v0.57 v0.58 v0.60 v0.61 v0.62 v0.63 v0.64 v0.65 v0.66 v0.67 v0.68 v0.69 v0.70 local master
Commit 2a2338aca850737f16febc056c1d248daf935736

Allow users to delete their account
Author: Catalin(ux) M. BOIE
Author date (UTC): 2016-12-30 12:49
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2017-01-05 16:10
Parent(s): 00f1ad9bffc47d0cd786e6caa6f9777fae27b2ff
Signing key:
Tree: be2f8dab467a39dc5665ae9f18fa4e58d73d1510
File Lines added Lines deleted
inc/struct.inc.php 5 0
inc/user.inc.php 91 12
inc/user/settings.php 4 0
root/themes/default/hints/user/delete_account.html 5 0
root/themes/default/user/settings/delete/done.html 3 0
root/themes/default/user/settings/delete/no.html 0 0
root/themes/default/user/settings/delete/sure.html 6 4
root/themes/default/user/settings/menu.html 1 0
File inc/struct.inc.php changed (mode: 100644) (index a30d3e5..5c1e042)
... ... $rg_sql_struct[41]['other'] = array(
588 588 . " ON workers(fingerprint_sha256)" . " ON workers(fingerprint_sha256)"
589 589 ); );
590 590
591 $rg_sql_struct[42]['other'] = array(
592 'deleted for users' =>
593 "ALTER TABLE users ADD deleted INTEGER NOT NULL DEFAULT 0"
594 );
595
591 596 // Do not forget to add the new tables to statistics // Do not forget to add the new tables to statistics
592 597 // This must be the last line // This must be the last line
593 598 $rg_sql_schema_ver = count($rg_sql_struct); $rg_sql_schema_ver = count($rg_sql_struct);
File inc/user.inc.php changed (mode: 100644) (index 6c7719b..ed27197)
... ... function rg_user_edit($db, $d)
531 531 break; break;
532 532
533 533 $d['suspended'] = 0; $d['suspended'] = 0;
534 $d['deleted'] = 0;
534 535 $d['last_seen'] = 0; $d['last_seen'] = 0;
535 536 $d['disk_used_mb'] = 0; $d['disk_used_mb'] = 0;
536 537 $sql = "INSERT INTO users (username, realname, salt" $sql = "INSERT INTO users (username, realname, salt"
537 538 . ", pass, email, itime" . ", pass, email, itime"
538 539 . ", is_admin, rights, session_time" . ", is_admin, rights, session_time"
539 540 . ", confirmed, confirm_token, plan_id" . ", confirmed, confirm_token, plan_id"
540 . ", suspended, last_seen, disk_used_mb)"
541 . ", suspended, last_seen, disk_used_mb"
542 . ", deleted)"
541 543 . " VALUES (@@username@@, @@realname@@, @@salt@@" . " VALUES (@@username@@, @@realname@@, @@salt@@"
542 544 . ", @@pass_crypted@@, @@email@@, @@itime@@" . ", @@pass_crypted@@, @@email@@, @@itime@@"
543 545 . ", @@is_admin@@, @@rights@@, @@session_time@@" . ", @@is_admin@@, @@rights@@, @@session_time@@"
544 546 . ", @@confirmed@@, @@confirm_token@@, @@plan_id@@" . ", @@confirmed@@, @@confirm_token@@, @@plan_id@@"
545 547 . ", @@suspended@@, @@last_seen@@" . ", @@suspended@@, @@last_seen@@"
546 . ", @@disk_used_mb@@)"
548 . ", @@disk_used_mb@@, @@deleted@@)"
547 549 . " RETURNING uid"; . " RETURNING uid";
548 550 } else { // edit } else { // edit
549 551 $salt_pass_add = ""; $salt_pass_add = "";
 
... ... function rg_user_edit($db, $d)
625 627
626 628 /* /*
627 629 * Delete a user * Delete a user
630 * @uid - the uid of the user to be removed
631 * This function only marks the user to be removed.
628 632 */ */
629 633 function rg_user_remove($db, $rg, $uid) function rg_user_remove($db, $rg, $uid)
630 634 { {
631 rg_prof_start("user_remove");
632 rg_log_enter("user_remove: uid=$uid");
635 rg_prof_start('user_remove');
636 rg_log_enter('user_remove: uid=$uid');
633 637
634 638 $ret = FALSE; $ret = FALSE;
635 639 while (1) { while (1) {
 
... ... function rg_user_remove($db, $rg, $uid)
641 645 $x['username'] = $rg['login_ui']['username']; $x['username'] = $rg['login_ui']['username'];
642 646 $x['needed_rights'] = 'R'; $x['needed_rights'] = 'R';
643 647 $x['ip'] = $rg['ip']; $x['ip'] = $rg['ip'];
644 $x['misc'] = "";
648 $x['misc'] = '';
645 649 if (rg_rights_allow($db, $x) !== TRUE) if (rg_rights_allow($db, $x) !== TRUE)
646 650 break; break;
647 651
648 $params = array("uid" => $uid);
649 $sql = "DELETE FROM users WHERE uid = @@uid@@";
652 $now = time();
653 $params = array(
654 'now' => $now,
655 'uid' => $uid
656 );
657 $sql = 'UPDATE users SET deleted = @@now@@'
658 . ' WHERE uid = @@uid@@';
650 659 $res = rg_sql_query_params($db, $sql, $params); $res = rg_sql_query_params($db, $sql, $params);
651 660 if ($res === FALSE) { if ($res === FALSE) {
652 rg_user_set_error("cannot remove user $uid (" . rg_sql_error() . ")");
661 rg_user_set_error('cannot remove user');
653 662 break; break;
654 663 } }
655 664 rg_sql_free_result($res); rg_sql_free_result($res);
656 665
657 // invalidate cache
658 rg_cache_unset('user' . '::' . $uid, RG_SOCKET_NO_WAIT);
666 // update cache
667 rg_cache_set('user' . '::' . $uid . '::' . 'info'
668 . '::' . 'deleted', $now, RG_SOCKET_NO_WAIT);
669
670 // invalidate session
671 rg_sess_destroy($db, $rg['sid'], $rg['login_ui']);
659 672
660 673 $ret = TRUE; $ret = TRUE;
661 674 break; break;
662 675 } }
663 676
664 677 rg_log_exit(); rg_log_exit();
665 rg_prof_end("user_remove");
678 rg_prof_end('user_remove');
666 679 return $ret; return $ret;
667 680 } }
668 681
 
... ... function rg_user_login_by_user_pass($db, $user, $pass, $login_token, $lock_ip,
954 967 break; break;
955 968 } }
956 969
970 if ($ui0['deleted'] > 0) {
971 rg_user_set_error('invalid user, pass or login token');
972 rg_log('account is deleted');
973 break;
974 }
975
957 976 if ($ui0['suspended'] > 0) { if ($ui0['suspended'] > 0) {
958 977 rg_user_set_error("invalid user, pass or login token"); rg_user_set_error("invalid user, pass or login token");
959 978 rg_log("account is suspended"); rg_log("account is suspended");
 
... ... function rg_user_list($db)
1117 1136
1118 1137 $ret = FALSE; $ret = FALSE;
1119 1138 while (1) { while (1) {
1120 $sql = "SELECT * FROM users ORDER BY username";
1139 $sql = 'SELECT * FROM users ORDER BY username'
1140 . ' WHERE deleted = 0';
1121 1141 $res = rg_sql_query($db, $sql); $res = rg_sql_query($db, $sql);
1122 1142 if ($res === FALSE) { if ($res === FALSE) {
1123 1143 rg_user_set_error("cannot get info (" . rg_sql_error() . ")!"); rg_user_set_error("cannot get info (" . rg_sql_error() . ")!");
 
... ... function rg_user_http_git($db, $rg, $paras)
2054 2074 return $ret; return $ret;
2055 2075 } }
2056 2076
2077 /*
2078 * Delete account high level function
2079 */
2080 function rg_user_delete_account_high_level($db, $rg, $paras)
2081 {
2082 $ret = '';
2083
2084 $are_you_sure = rg_var_uint('are_you_sure');
2085 $errmsg = array();
2086 $show_form = TRUE;
2087 while (1) {
2088 if ($rg['doit'] != 1)
2089 break;
2090
2091 if ($are_you_sure == 0) {
2092 $ret .= rg_template('user/settings/delete/no.html',
2093 $rg, TRUE/*xss*/);
2094 $show_form = FALSE;
2095 break;
2096 }
2097
2098 if (!rg_valid_referer()) {
2099 $errmsg[] = 'invalid referer; try again';
2100 break;
2101 }
2102
2103 if (!rg_token_valid($db, $rg, 'delete_account', FALSE)) {
2104 $errmsg[] = 'invalid token; try again';
2105 break;
2106 }
2107
2108 $r = rg_user_remove($db, $rg, $rg['login_ui']['uid']);
2109 if ($r !== TRUE) {
2110 $errmsg[] = rg_user_error();
2111 break;
2112 }
2113
2114 $ret .= rg_template('user/settings/delete/done.html',
2115 $rg, TRUE/*xss*/);
2116 $show_form = FALSE;
2117 break;
2118 }
2119
2120 if ($show_form) {
2121 // hints
2122 $hints = array();
2123 $hints[]['HTML:hint'] = rg_template('hints/user/delete_account.html',
2124 $rg, TRUE /*xss*/);
2125 $rg['HTML:hints'] = rg_template_table('hints/list', $hints, $rg);
2126
2127 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
2128 $rg['rg_form_token'] = rg_token_get($db, $rg, 'delete_account');
2129 $ret .= rg_template('user/settings/delete/sure.html',
2130 $rg, TRUE/*xss*/);
2131 }
2132
2133 return $ret;
2134 }
2135
2057 2136 ?> ?>
File inc/user/settings.php changed (mode: 100644) (index 7c2d3af..faabd82)
... ... case 'workers':
45 45 $_settings_body = rg_worker_high_level($db, $rg, $paras); $_settings_body = rg_worker_high_level($db, $rg, $paras);
46 46 break; break;
47 47
48 case 'delete_account':
49 $_settings_body = rg_user_delete_account_high_level($db, $rg, $paras);
50 break;
51
48 52 default: default:
49 53 $rg['ask_for_pass'] = 0; $rg['ask_for_pass'] = 0;
50 54 $rg['no_tos'] = 1; // we ask for only for account creation $rg['no_tos'] = 1; // we ask for only for account creation
File root/themes/default/hints/user/delete_account.html added (mode: 100644) (index 0000000..b8e3692)
1 <br />
2 <span style="color: red">Warning!</span> This operation will delete all
3 stuff created by your account: repositories (both public and private),
4 bugs, rights granted by you, web hooks, login tokens and scratch codes
5 etc. and cannot be undone.
File root/themes/default/user/settings/delete/done.html added (mode: 100644) (index 0000000..6add69b)
1 <div class="mess ok">
2 The user account has been deleted.
3 </div>
File root/themes/default/user/settings/delete/no.html copied from file root/themes/default/user/repo/delete/no.html (similarity 100%)
File root/themes/default/user/settings/delete/sure.html copied from file root/themes/default/user/repo/delete/sure.html (similarity 61%) (mode: 100644) (index 3cb4923..b72316b)
1 1 <div class="formarea"> <div class="formarea">
2 2
3 <div class="formarea_title">Delete repository</div>
3 <div class="formarea_title">Delete account</div>
4 4
5 <form method="post" action="@@url_repo@@/admin/delete">
5 <form method="post" action="@@url@@">
6 6 <input type="hidden" name="doit" value="1" /> <input type="hidden" name="doit" value="1" />
7 7 <input type="hidden" name="token" value="@@rg_form_token@@" /> <input type="hidden" name="token" value="@@rg_form_token@@" />
8 8
9 9 <p> <p>
10 10 <label for="are_you_sure">Are you sure?</label><br /> <label for="are_you_sure">Are you sure?</label><br />
11 11 <select name="are_you_sure" id="are_you_sure"> <select name="are_you_sure" id="are_you_sure">
12 <option value="0">No</option>
13 <option value="1">Yes</option>
12 <option value="0">No, just kidding</option>
13 <option value="1">Yes, I want to delete everything</option>
14 14 </select> </select>
15 15 </p> </p>
16 16
 
19 19 </form> </form>
20 20
21 21 </div> </div>
22
23 @@hints@@
File root/themes/default/user/settings/menu.html changed (mode: 100644) (index 88cd49a..c3ba768)
9 9 <li@@if(@@set_menu::totp@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/totp">Login tokens</a></li> <li@@if(@@set_menu::totp@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/totp">Login tokens</a></li>
10 10 <li@@if(@@set_menu::wh@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/wh">Webhooks</a></li> <li@@if(@@set_menu::wh@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/wh">Webhooks</a></li>
11 11 <li@@if(@@set_menu::workers@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/workers">Workers</a></li> <li@@if(@@set_menu::workers@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/workers">Workers</a></li>
12 <li@@if(@@set_menu::delete_account@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/delete_account">Delete account</a></li>
12 13 </ul> </ul>
13 14 </div> </div>
14 15 @@menu_level2@@ @@menu_level2@@
Hints
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):
git clone https://code.reversed.top/user/xaizek/rocketgit

Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@code.reversed.top/user/xaizek/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a pull request:
... clone the repository ...
... make some changes and some commits ...
git push origin master