MAPG-156 implement user deletion

2020-06-25 20:26:33 +02:00 · 2020-06-25 20:26:33 +02:00 · b1ae7391e7
commit b1ae7391e7
parent 8987b563dd
10 changed files with 83 additions and 8 deletions
--- a/public/static/js/account/account.js
+++ b/public/static/js/account/account.js
--- a/public/static/js/account/delete.js
+++ b/public/static/js/account/delete.js
@ -0,0 +1,5 @@
+(function () {
+    var form = document.getElementById('deleteAccountForm');
+
+    MapGuesser.setOnsubmitForForm(form, '/');
+})();
--- a/public/static/js/login/login.js
+++ b/public/static/js/login/login.js
--- a/public/static/js/login/signup.js
+++ b/public/static/js/login/signup.js
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
@ -1,10 +1,14 @@
 <?php namespace MapGuesser\Controller;

+use MapGuesser\Database\Query\Select;
 use MapGuesser\Interfaces\Authorization\ISecured;
+use MapGuesser\Interfaces\Database\IResultSet;
 use MapGuesser\Interfaces\Request\IRequest;
 use MapGuesser\Interfaces\Response\IContent;
 use MapGuesser\PersistentData\PersistentDataManager;
 use MapGuesser\PersistentData\Model\User;
+use MapGuesser\PersistentData\Model\UserConfirmation;
+use MapGuesser\Repository\UserConfirmationRepository;
 use MapGuesser\Response\HtmlContent;
 use MapGuesser\Response\JsonContent;

@ -14,10 +18,13 @@ class UserController implements ISecured

    private PersistentDataManager $pdm;

+    private UserConfirmationRepository $userConfirmationRepository;
+
    public function __construct(IRequest $request)
    {
        $this->request = $request;
        $this->pdm = new PersistentDataManager();
+        $this->userConfirmationRepository = new UserConfirmationRepository();
    }

    public function authorize(): bool
@ -35,7 +42,18 @@ class UserController implements ISecured
        $user = $this->request->user();

        $data = ['user' => $user->toArray()];
-        return new HtmlContent('account', $data);
+        return new HtmlContent('account/account', $data);
+    }
+
+    public function getDeleteAccount(): IContent
+    {
+        /**
+         * @var User $user
+         */
+        $user = $this->request->user();
+
+        $data = ['user' => $user->toArray()];
+        return new HtmlContent('account/delete', $data);
    }

    public function saveAccount(): IContent
@ -46,18 +64,18 @@ class UserController implements ISecured
        $user = $this->request->user();

        if (!$user->checkPassword($this->request->post('password'))) {
-            $data = ['error' => 'password_not_match'];
+            $data = ['error' => ['errorText' => 'The given current password is wrong.']];
            return new JsonContent($data);
        }

        if (strlen($this->request->post('password_new')) > 0) {
            if (strlen($this->request->post('password_new')) < 6) {
-                $data = ['error' => 'password_too_short'];
+                $data = ['error' => ['errorText' => 'The given new password is too short. Please choose a password that is at least 6 characters long!']];
                return new JsonContent($data);
            }

            if ($this->request->post('password_new') !== $this->request->post('password_new_confirm')) {
-                $data = ['error' => 'passwords_not_match'];
+                $data = ['error' => ['errorText' => 'The given new passwords do not match.']];
                return new JsonContent($data);
            }

@ -69,4 +87,30 @@ class UserController implements ISecured
        $data = ['success' => true];
        return new JsonContent($data);
    }
+
+    public function deleteAccount(): IContent
+    {
+        /**
+         * @var User $user
+         */
+        $user = $this->request->user();
+
+        if (!$user->checkPassword($this->request->post('password'))) {
+            $data = ['error' => ['errorText' => 'The given current password is wrong.']];
+            return new JsonContent($data);
+        }
+
+        \Container::$dbConnection->startTransaction();
+
+        foreach ($this->userConfirmationRepository->getByUser($user) as $userConfirmation) {
+            $this->pdm->deleteFromDb($userConfirmation);
+        }
+
+        $this->pdm->deleteFromDb($user);
+
+        \Container::$dbConnection->commit();
+
+        $data = ['success' => true];
+        return new JsonContent($data);
+    }
 }
--- a/views/account/account.php
+++ b/views/account/account.php
@ -1,6 +1,6 @@
 <?php
 $jsFiles = [
-    'js/account.js',
+    'js/account/account.js',
 ];
 ?>
 <?php require ROOT . '/views/templates/main_header.php'; ?>
@ -8,7 +8,7 @@ $jsFiles = [
    <h2>Account</h2>
    <div class="box">
        <form id="accountForm" action="/account" method="post">
-            <input class="big fullWidth" type="password" name="password" placeholder="Current password" autofocus>
+            <input class="big fullWidth" type="password" name="password" placeholder="Current password" required minlength="6" autofocus>
            <hr>
            <?php /* TODO: disabled for the time being, email modification should be implemented */ ?>
            <input class="big fullWidth" type="email" name="email" placeholder="Email address" value="<?= $user['email'] ?>" disabled>
@ -18,6 +18,10 @@ $jsFiles = [
            <div class="right marginTop">
                <button type="submit" name="submit" disabled>Save</button>
            </div>
+            <hr>
+            <div class="center">
+                <a class="button red" href="/account/delete" title="Delete account">Delete account</a>
+            </div>
        </form>
    </div>
 <?php require ROOT . '/views/templates/footer.php'; ?>
--- a/views/account/delete.php
+++ b/views/account/delete.php
@ -0,0 +1,20 @@
+<?php
+$jsFiles = [
+    'js/account/delete.js',
+];
+?>
+<?php require ROOT . '/views/templates/main_header.php'; ?>
+<?php require ROOT . '/views/templates/header.php'; ?>
+    <h2>Delete account</h2>
+    <div class="box">
+        <form id="deleteAccountForm" action="/account/delete" method="post">
+            <p class="justify">Are you sure you want to delete your account? This cannot be undone!</p>
+            <input class="big fullWidth marginTop" type="password" name="password" placeholder="Current password" required minlength="6" autofocus>
+            <p id="deleteAccountFormError" class="formError justify marginTop"></p>
+            <div class="right marginTop">
+                <button class="red" type="submit" name="submit">Delete account</button>
+            </div>
+        </form>
+    </div>
+<?php require ROOT . '/views/templates/footer.php'; ?>
+<?php require ROOT . '/views/templates/main_footer.php'; ?>
--- a/views/login/login.php
+++ b/views/login/login.php
@ -1,6 +1,6 @@
 <?php
 $jsFiles = [
-    'js/login.js',
+    'js/login/login.js',
 ];
 ?>
 <?php require ROOT . '/views/templates/main_header.php'; ?>
--- a/views/login/signup.php
+++ b/views/login/signup.php
@ -1,6 +1,6 @@
 <?php
 $jsFiles = [
-    'js/signup.js',
+    'js/login/signup.js',
 ];
 ?>
 <?php require ROOT . '/views/templates/main_header.php'; ?>
--- a/web.php
+++ b/web.php
@ -35,6 +35,8 @@ Container::$routeCollection->get('logout', 'logout', [MapGuesser\Controller\Logi
 Container::$routeCollection->group('account', function (MapGuesser\Routing\RouteCollection $routeCollection) {
    $routeCollection->get('account', '', [MapGuesser\Controller\UserController::class, 'getAccount']);
    $routeCollection->post('account-action', '', [MapGuesser\Controller\UserController::class, 'saveAccount']);
+    $routeCollection->get('account.delete', 'delete', [MapGuesser\Controller\UserController::class, 'getDeleteAccount']);
+    $routeCollection->post('account.delete-action', 'delete', [MapGuesser\Controller\UserController::class, 'deleteAccount']);
 });
 //Container::$routeCollection->get('maps', 'maps', [MapGuesser\Controller\MapsController::class, 'getMaps']);
 Container::$routeCollection->group('game', function (MapGuesser\Routing\RouteCollection $routeCollection) {