Merge branch 'purge-user' into 'develop'
Purge a local user upon deletion, fixes #2062 Closes #2062 See merge request pleroma/pleroma!2898
This commit is contained in:
commit
566749f77a
|
@ -1583,6 +1583,49 @@ def update_notification_settings(%User{} = user, settings) do
|
|||
|> update_and_set_cache()
|
||||
end
|
||||
|
||||
@spec purge_user_changeset(User.t()) :: Changeset.t()
|
||||
def purge_user_changeset(user) do
|
||||
# "Right to be forgotten"
|
||||
# https://gdpr.eu/right-to-be-forgotten/
|
||||
change(user, %{
|
||||
bio: nil,
|
||||
raw_bio: nil,
|
||||
email: nil,
|
||||
name: nil,
|
||||
password_hash: nil,
|
||||
keys: nil,
|
||||
public_key: nil,
|
||||
avatar: %{},
|
||||
tags: [],
|
||||
last_refreshed_at: nil,
|
||||
last_digest_emailed_at: nil,
|
||||
banner: %{},
|
||||
background: %{},
|
||||
note_count: 0,
|
||||
follower_count: 0,
|
||||
following_count: 0,
|
||||
locked: false,
|
||||
confirmation_pending: false,
|
||||
password_reset_pending: false,
|
||||
approval_pending: false,
|
||||
registration_reason: nil,
|
||||
confirmation_token: nil,
|
||||
domain_blocks: [],
|
||||
deactivated: true,
|
||||
ap_enabled: false,
|
||||
is_moderator: false,
|
||||
is_admin: false,
|
||||
mastofe_settings: nil,
|
||||
mascot: nil,
|
||||
emoji: %{},
|
||||
pleroma_settings_store: %{},
|
||||
fields: [],
|
||||
raw_fields: [],
|
||||
discoverable: false,
|
||||
also_known_as: []
|
||||
})
|
||||
end
|
||||
|
||||
def delete(users) when is_list(users) do
|
||||
for user <- users, do: delete(user)
|
||||
end
|
||||
|
@ -1610,7 +1653,7 @@ defp delete_or_deactivate(%User{local: true} = user) do
|
|||
|
||||
_ ->
|
||||
user
|
||||
|> change(%{deactivated: true, email: nil})
|
||||
|> purge_user_changeset()
|
||||
|> update_and_set_cache()
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1417,7 +1417,6 @@ test "deactivates user when activation is not required", %{user: user} do
|
|||
|
||||
test "delete/1 when approval is pending deletes the user" do
|
||||
user = insert(:user, approval_pending: true)
|
||||
{:ok, user: user}
|
||||
|
||||
{:ok, job} = User.delete(user)
|
||||
{:ok, _} = ObanHelpers.perform(job)
|
||||
|
@ -1426,6 +1425,85 @@ test "delete/1 when approval is pending deletes the user" do
|
|||
refute User.get_by_id(user.id)
|
||||
end
|
||||
|
||||
test "delete/1 purges a user when they wouldn't be fully deleted" do
|
||||
user =
|
||||
insert(:user, %{
|
||||
bio: "eyy lmao",
|
||||
name: "qqqqqqq",
|
||||
password_hash: "pdfk2$1b3n159001",
|
||||
keys: "RSA begin buplic key",
|
||||
public_key: "--PRIVATE KEYE--",
|
||||
avatar: %{"a" => "b"},
|
||||
tags: ["qqqqq"],
|
||||
banner: %{"a" => "b"},
|
||||
background: %{"a" => "b"},
|
||||
note_count: 9,
|
||||
follower_count: 9,
|
||||
following_count: 9001,
|
||||
locked: true,
|
||||
confirmation_pending: true,
|
||||
password_reset_pending: true,
|
||||
approval_pending: true,
|
||||
registration_reason: "ahhhhh",
|
||||
confirmation_token: "qqqq",
|
||||
domain_blocks: ["lain.com"],
|
||||
deactivated: true,
|
||||
ap_enabled: true,
|
||||
is_moderator: true,
|
||||
is_admin: true,
|
||||
mastofe_settings: %{"a" => "b"},
|
||||
mascot: %{"a" => "b"},
|
||||
emoji: %{"a" => "b"},
|
||||
pleroma_settings_store: %{"q" => "x"},
|
||||
fields: [%{"gg" => "qq"}],
|
||||
raw_fields: [%{"gg" => "qq"}],
|
||||
discoverable: true,
|
||||
also_known_as: ["https://lol.olo/users/loll"]
|
||||
})
|
||||
|
||||
{:ok, job} = User.delete(user)
|
||||
{:ok, _} = ObanHelpers.perform(job)
|
||||
user = User.get_by_id(user.id)
|
||||
|
||||
assert %User{
|
||||
bio: nil,
|
||||
raw_bio: nil,
|
||||
email: nil,
|
||||
name: nil,
|
||||
password_hash: nil,
|
||||
keys: nil,
|
||||
public_key: nil,
|
||||
avatar: %{},
|
||||
tags: [],
|
||||
last_refreshed_at: nil,
|
||||
last_digest_emailed_at: nil,
|
||||
banner: %{},
|
||||
background: %{},
|
||||
note_count: 0,
|
||||
follower_count: 0,
|
||||
following_count: 0,
|
||||
locked: false,
|
||||
confirmation_pending: false,
|
||||
password_reset_pending: false,
|
||||
approval_pending: false,
|
||||
registration_reason: nil,
|
||||
confirmation_token: nil,
|
||||
domain_blocks: [],
|
||||
deactivated: true,
|
||||
ap_enabled: false,
|
||||
is_moderator: false,
|
||||
is_admin: false,
|
||||
mastofe_settings: nil,
|
||||
mascot: nil,
|
||||
emoji: %{},
|
||||
pleroma_settings_store: %{},
|
||||
fields: [],
|
||||
raw_fields: [],
|
||||
discoverable: false,
|
||||
also_known_as: []
|
||||
} = user
|
||||
end
|
||||
|
||||
test "get_public_key_for_ap_id fetches a user that's not in the db" do
|
||||
assert {:ok, _key} = User.get_public_key_for_ap_id("http://mastodon.example.org/users/admin")
|
||||
end
|
||||
|
|
|
@ -155,13 +155,30 @@ test "GET /api/pleroma/admin/users/:nickname requires " <>
|
|||
|
||||
describe "DELETE /api/pleroma/admin/users" do
|
||||
test "single user", %{admin: admin, conn: conn} do
|
||||
user = insert(:user)
|
||||
clear_config([:instance, :federating], true)
|
||||
|
||||
user =
|
||||
insert(:user,
|
||||
avatar: %{"url" => [%{"href" => "https://someurl"}]},
|
||||
banner: %{"url" => [%{"href" => "https://somebanner"}]},
|
||||
bio: "Hello world!",
|
||||
name: "A guy"
|
||||
)
|
||||
|
||||
# Create some activities to check they got deleted later
|
||||
follower = insert(:user)
|
||||
{:ok, _} = CommonAPI.post(user, %{status: "test"})
|
||||
{:ok, _, _, _} = CommonAPI.follow(user, follower)
|
||||
{:ok, _, _, _} = CommonAPI.follow(follower, user)
|
||||
user = Repo.get(User, user.id)
|
||||
assert user.note_count == 1
|
||||
assert user.follower_count == 1
|
||||
assert user.following_count == 1
|
||||
refute user.deactivated
|
||||
|
||||
with_mock Pleroma.Web.Federator,
|
||||
publish: fn _ -> nil end do
|
||||
publish: fn _ -> nil end,
|
||||
perform: fn _, _ -> nil end do
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "application/json")
|
||||
|
@ -181,6 +198,14 @@ test "single user", %{admin: admin, conn: conn} do
|
|||
user = Repo.get(User, user.id)
|
||||
assert user.deactivated
|
||||
|
||||
assert user.avatar == %{}
|
||||
assert user.banner == %{}
|
||||
assert user.note_count == 0
|
||||
assert user.follower_count == 0
|
||||
assert user.following_count == 0
|
||||
assert user.bio == nil
|
||||
assert user.name == nil
|
||||
|
||||
assert called(Pleroma.Web.Federator.publish(:_))
|
||||
end
|
||||
end
|
||||
|
|
|
@ -586,10 +586,16 @@ test "with proper permissions and wrong or missing password", %{conn: conn} do
|
|||
end
|
||||
end
|
||||
|
||||
test "with proper permissions and valid password", %{conn: conn} do
|
||||
test "with proper permissions and valid password", %{conn: conn, user: user} do
|
||||
conn = post(conn, "/api/pleroma/delete_account", %{"password" => "test"})
|
||||
|
||||
ObanHelpers.perform_all()
|
||||
assert json_response(conn, 200) == %{"status" => "success"}
|
||||
|
||||
user = User.get_by_id(user.id)
|
||||
assert user.deactivated == true
|
||||
assert user.name == nil
|
||||
assert user.bio == nil
|
||||
assert user.password_hash == nil
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue