github-mirror/discourse
github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-03-20 04:45:35 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FEATURE: Allow admins to disable self-service account deletion

Browse Source 
https://meta.discourse.org/t/-/146276
This commit is contained in:
Kane York 2020-04-01 13:10:17 -07:00 committed by Kane York
parent 90fcede832
commit cdaa60b56b
5 changed files with 30 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/user.rb
View File

@ -233,7 +233,6 @@ class User < ActiveRecord::Base
LAST_VISIT = -2 LAST_VISIT = -2
end end
MAX_SELF_DELETE_POST_COUNT ||= 1
MAX_STAFF_DELETE_POST_COUNT ||= 5 MAX_STAFF_DELETE_POST_COUNT ||= 5
def self.max_password_length def self.max_password_length
@ -1286,6 +1285,7 @@ class User < ActiveRecord::Base
def has_more_posts_than?(max_post_count) def has_more_posts_than?(max_post_count)
return true if user_stat && (user_stat.topic_count + user_stat.post_count) > max_post_count return true if user_stat && (user_stat.topic_count + user_stat.post_count) > max_post_count
return true if max_post_count < 0
DB.query_single(<<~SQL, user_id: self.id).first > max_post_count DB.query_single(<<~SQL, user_id: self.id).first > max_post_count
SELECT COUNT(1) SELECT COUNT(1)

1
config/locales/server.en.yml
View File

@ -1952,6 +1952,7 @@ en:
relative_date_duration: "Number of days after posting where post dates will be shown as relative (7d) instead of absolute (20 Feb)." relative_date_duration: "Number of days after posting where post dates will be shown as relative (7d) instead of absolute (20 Feb)."
delete_user_max_post_age: "Don't allow deleting users whose first post is older than (x) days." delete_user_max_post_age: "Don't allow deleting users whose first post is older than (x) days."
delete_all_posts_max: "The maximum number of posts that can be deleted at once with the Delete All Posts button. If a user has more than this many posts, the posts cannot all be deleted at once and the user can't be deleted." delete_all_posts_max: "The maximum number of posts that can be deleted at once with the Delete All Posts button. If a user has more than this many posts, the posts cannot all be deleted at once and the user can't be deleted."
delete_user_self_max_post_count: "The maximum number of posts a user can have while allowing self-service account deletion. Set to -1 to disable self-service account deletion."
username_change_period: "The maximum number of days after registration that accounts can change their username (0 to disallow username change)." username_change_period: "The maximum number of days after registration that accounts can change their username (0 to disallow username change)."
email_editable: "Allow users to change their e-mail address after registration." email_editable: "Allow users to change their e-mail address after registration."
logout_redirect: "Location to redirect browser to after logout (eg: https://example.com/logout)" logout_redirect: "Location to redirect browser to after logout (eg: https://example.com/logout)"

3
config/site_settings.yml
View File

@ -542,6 +542,9 @@ users:
client: true client: true
default: 15 default: 15
min: 1 min: 1
delete_user_self_max_post_count:
default: 1
min: -1
redirect_users_to_top_page: true redirect_users_to_top_page: true
prioritize_username_in_ux: prioritize_username_in_ux:
client: true client: true

2
lib/guardian/user_guardian.rb
View File

@ -62,7 +62,7 @@ module UserGuardian
return false if user.nil? || user.admin? return false if user.nil? || user.admin?
if is_me?(user) if is_me?(user)
!SiteSetting.enable_sso && !SiteSetting.enable_sso &&
!user.has_more_posts_than?(User::MAX_SELF_DELETE_POST_COUNT) !user.has_more_posts_than?(SiteSetting.delete_user_self_max_post_count)
else else
is_staff? && ( is_staff? && (
user.first_post_created_at.nil? || user.first_post_created_at.nil? ||

24
spec/components/guardian/user_guardian_spec.rb
View File

@ -303,6 +303,30 @@ describe UserGuardian do
Fabricate(:post, user: user, topic: topic) Fabricate(:post, user: user, topic: topic)
expect(guardian.can_delete_user?(user)).to eq(false) expect(guardian.can_delete_user?(user)).to eq(false)
end end
it "isn't allowed when site admin blocked self deletion" do
expect(user.first_post_created_at).to be_nil
SiteSetting.delete_user_self_max_post_count = -1
expect(guardian.can_delete_user?(user)).to eq(false)
end
it "correctly respects the delete_user_self_max_post_count setting" do
SiteSetting.delete_user_self_max_post_count = 0
expect(guardian.can_delete_user?(user)).to eq(true)
Fabricate(:post, user: user)
expect(guardian.can_delete_user?(user)).to eq(false)
SiteSetting.delete_user_self_max_post_count = 1
expect(guardian.can_delete_user?(user)).to eq(true)
Fabricate(:post, user: user)
expect(guardian.can_delete_user?(user)).to eq(false)
SiteSetting.delete_user_self_max_post_count = 2
expect(guardian.can_delete_user?(user)).to eq(true)
end
end end
context "for moderators" do context "for moderators" do