enabled user deletes again

mdeiters · mdeiters · commit 1e33f2429b49 · 2016-01-18T21:13:22.000-08:00
diff --git a/.gitignore b/.gitignore
@@ -60,3 +60,4 @@ BACKUP
 Guardfile
 verification.log
 npm-debug.log
+dump.rdb
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -17,9 +17,10 @@ def signin
   # GET                   /sessions/force(.:format)
   def force
     #REMOVEME
-    head(:forbidden) unless current_user.admin?
+    head(:forbidden) unless Rails.env.development? || current_user.admin?
     sign_out
-    sign_in(User.find(params[:id]))
+    user = params[:id].present? ? User.find(params[:id]) : User.find_by_username(params[:username])
+    sign_in(user)
     redirect_to(root_url)
   end
 
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -94,6 +94,26 @@ def create
     end
   end
 
+  def delete_account
+    return head(:forbidden) unless signed_in?
+  end
+
+  def delete_account_confirmed
+    user = User.find(current_user.id)
+    user.destroy
+    sign_out
+    redirect_to root_url
+  end
+
+  def destroy
+    destroy_params = params.permit(:id)
+    return head(:forbidden) unless current_user.admin? || current_user.id == destroy_params[:id]
+
+    @user = User.find(destroy_params[:id])
+    @user.destroy
+    redirect_to badge_url(@user.username)
+  end
+
   # GET                   /settings(.:format)
   def edit
     respond_to do |format|
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -180,13 +180,13 @@ class User < ActiveRecord::Base
 
   has_many :badges, order: 'created_at DESC'
   has_many :followed_teams
-  has_many :user_events
+  has_many :user_events, dependent: :destroy
   has_many :skills, order: "weight DESC"
   has_many :endorsements, foreign_key: 'endorsed_user_id'
   has_many :endorsings, foreign_key: 'endorsing_user_id', class_name: 'Endorsement'
   has_many :protips, dependent: :destroy
   has_many :likes
-  has_many :comments
+  has_many :comments, dependent: :destroy
 
   has_one :github_profile  , class_name: 'Users::Github::Profile', dependent: :destroy
   has_many :github_repositories, through: :github_profile , source: :repositories
diff --git a/app/views/users/_show_admin_panel.slim b/app/views/users/_show_admin_panel.slim
@@ -15,6 +15,9 @@
           =link_to("Unban this user", user_unbans_path(user), method: :post)
         - else
           =link_to("Ban this user", user_bans_path(user), method: :post)
+
+      li.admin-action= link_to('Delete User', user_path(user), :confirm => 'Are you sure?', :method => :delete)
+      li.admin-action= link_to_if(user.twitter,'Clear Twitter!', clear_provider_path(user, :provider => 'twitter'), :confirm => 'Are you sure?')
       li.admin-action= link_to_if(user.twitter,'Clear Twitter!', clear_provider_path(user, :provider => 'twitter'), :confirm => 'Are you sure?')
       li.admin-action= link_to_if(user.github,'Clear GitHub!', clear_provider_path(user, :provider => 'github'), :confirm => 'Are you sure?')
       -if user.linkedin || user.linkedin_id
diff --git a/app/views/users/delete_account.html.haml b/app/views/users/delete_account.html.haml
@@ -0,0 +1,13 @@
+=content_for :body_id do
+  member-settings
+
+#lflf
+  %h1.big-title Remove Your Account
+  .panel.cf
+    .inside-panel-align-left
+      #social_section.editsection
+        %p Warning: clicking this link below will permenatly delete your Coderwall account and its data.
+        .left
+          .setting
+            =form_tag delete_account_confirmed_path do |form|
+              .save=submit_tag 'Delete your account & sign out', :class => 'button', :confirm => "This is the point of no return. Are you sure you want to delete your account?"
diff --git a/app/views/users/edit/_basic.html.slim b/app/views/users/edit/_basic.html.slim
@@ -60,9 +60,9 @@
           .delete
             p
               |Deleting your account is permanent and will make your username available to someone else. If you would still like to delete your account,
-              = link_to " click here.", "/delete_account"
+              = link_to " click here.", user_path(user), :confirm => 'Are you sure?', :method => :delete
+
       .row
         .input-field.col.s12.m6
         .input-field.col.s12.m6
           .save =submit_tag 'Save', class: 'btn right'
-
diff --git a/config/routes.rb b/config/routes.rb
@@ -319,6 +319,8 @@
   get '/settings' => 'users#edit', as: :settings
   get '/unsubscribe' => 'emails#unsubscribe'
   get '/delivered' => 'emails#delivered'
+  get '/delete_account' => 'users#delete_account', as: :delete_account
+  post '/delete_account_confirmed' => 'users#delete_account_confirmed', as: :delete_account_confirmed
 
   resources :authentications, :usernames
   resources :invitations
