IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: add option to delete user associated account on password reset (#27696)

Browse Source
This commit is contained in:
Arpit Jalan 2024-07-04 06:58:00 +05:30 committed by GitHub
parent 72a5389459
commit 947249719a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 33 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/users_controller.rb
View File

@ -901,6 +901,10 @@ class UsersController < ApplicationController
secure_session["password-#{token}"] = nil secure_session["password-#{token}"] = nil
secure_session["second-factor-#{token}"] = nil secure_session["second-factor-#{token}"] = nil
if SiteSetting.delete_associated_accounts_on_password_reset
@user.user_associated_accounts.destroy_all
end
UserHistory.create!( UserHistory.create!(
target_user: @user, target_user: @user,
acting_user: @user, acting_user: @user,

2
config/locales/server.en.yml
View File

@ -2369,6 +2369,8 @@ en:
allow_users_to_hide_profile: "Allow users to hide their profile and presence" allow_users_to_hide_profile: "Allow users to hide their profile and presence"
hide_user_activity_tab: "Hide the activity tab on user profiles except for Admin and self." hide_user_activity_tab: "Hide the activity tab on user profiles except for Admin and self."
delete_associated_accounts_on_password_reset: "Delete user associated account when user changes the password."
allow_featured_topic_on_user_profiles: "Allow users to feature a link to a topic on their user card and profile." allow_featured_topic_on_user_profiles: "Allow users to feature a link to a topic on their user card and profile."
show_inactive_accounts: "Allow logged in users to browse profiles of inactive accounts." show_inactive_accounts: "Allow logged in users to browse profiles of inactive accounts."

2
config/site_settings.yml
View File

@ -793,6 +793,8 @@ users:
hide_user_activity_tab: hide_user_activity_tab:
default: false default: false
client: true client: true
delete_associated_accounts_on_password_reset:
default: false
groups: groups:
enable_group_directory: enable_group_directory:

25
spec/requests/users_controller_spec.rb
View File

@ -304,6 +304,31 @@ RSpec.describe UsersController do
expect(user1.user_option.reload.timezone).to eq("America/Chicago") expect(user1.user_option.reload.timezone).to eq("America/Chicago")
end end
it "deletes user associated accounts" do
SiteSetting.delete_associated_accounts_on_password_reset = true
UserAssociatedAccount.create(
user_id: user.id,
provider_uid: "example0",
provider_name: "facebook",
)
UserAssociatedAccount.create(
user_id: user1.id,
provider_uid: "example1",
provider_name: "facebook",
)
get "/u/password-reset/#{email_token.token}"
expect do
put "/u/password-reset/#{email_token.token}",
params: {
password: "hg9ow8yhg98oadminlonger",
}
end.to change { UserAssociatedAccount.count }.by(-1)
expect(UserAssociatedAccount.count).to eq(1)
end
it "logs the password change" do it "logs the password change" do
get "/u/password-reset/#{email_token.token}" get "/u/password-reset/#{email_token.token}"